preventivní kontrola pc

[Fanynka0012]

Dobrý den,
prosím o kontrolu pc. Předem děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendy at 2014-07-15 20:02:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 143 GB (47%) free of 305 GB
Total RAM: 1789 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:05, on 15.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe
C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vendy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Java\jre7\bin\javaw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vendy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [P3status] "C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe" L=CZE Q
O4 - HKLM\..\Run: [WilPrintCapture] C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A3454211C5015F06745CE3B4748BF488] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TotalMedia Server.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch TotalMedia Theatre 6 Driver - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Unimessage Printer Tracking Service (wilusbmonitor) - Unknown owner - C:\Windows\system32\wilpmv64.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8560 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e3816d28-5534-4b08-8001-6cd504cb3b7f -SystemEventPortName:HostProcess-a03f626e-ed11-45fa-aef7-68f9d58e10cc -IoCancelEventPortName:HostProcess-3e3081a6-d58b-43c4-89fa-a7da614b7534 -NonStateChangingEventPortName:HostProcess-d2e2379c-d575-4eed-abd0-7bb90a888639 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3020520a-9a57-4146-ae1d-9bfb2b90a109
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 1634688
\??\C:\Windows\system32\conhost.exe "-1590468269-1559620546-1774425765-12931864943655660-213150745012404221531219760349
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wilpmv64.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe" L=CZE Q
"C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2224.0.120946262\608918660" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.1100 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE" -anon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2224.1.1766203783\39338811" /prefetch:673131151
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000634
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vendy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" --lang=cs --channel="2224.5.97894678\1328305626" /prefetch:-390060480
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Users\Vendy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2224.8.837094239\1797760598" /prefetch:673131151
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /ignoreRunningInstances
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2224.17.1442010953\823925781" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files\Microsoft Games\solitaire\solitaire.exe"
"C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -Xmx512m -Dsun.java2d.d3d=false -jar "C:\Program Files (x86)\JDownloader\JDownloader.jar"
"taskhost.exe"
C:\Windows\system32\atibtmon.exe Global\Ati_VariBrightMonitorEvent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2224.68.897243865\1357215426" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2224.71.362489285\1380748" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2224.72.900390666\2146043939" /prefetch:673131151
"C:\Users\Vendy\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000Core.job - C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000UA.job - C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-26 2074408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-09 116648]
"GoogleChromeAutoLaunch_A3454211C5015F06745CE3B4748BF488"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-06-05 860488]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-07-03 750160]
"P3status"=C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe [2011-05-26 180224]
"WilPrintCapture"=C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE [2009-02-10 143360]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-07-07 189520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TotalMedia Server.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-15 20:02:19 ----D---- C:\Program Files\trend micro
2014-07-15 20:02:06 ----D---- C:\rsit
2014-07-10 02:06:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-10 02:06:35 ----A---- C:\Windows\system32\iernonce.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-10 02:06:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-10 02:06:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-10 02:06:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-10 02:06:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-10 02:06:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-10 02:06:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 02:06:32 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-10 02:06:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-10 02:06:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-10 02:06:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-10 02:06:31 ----A---- C:\Windows\system32\urlmon.dll
2014-07-10 02:06:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 02:06:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-10 02:06:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-10 02:06:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-10 02:06:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-10 02:06:30 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-10 02:06:30 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-10 02:06:29 ----A---- C:\Windows\system32\iesetup.dll
2014-07-10 02:06:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-10 02:06:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-10 02:06:28 ----A---- C:\Windows\system32\iertutil.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-10 02:06:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-10 02:06:26 ----A---- C:\Windows\system32\ieui.dll
2014-07-10 02:06:26 ----A---- C:\Windows\system32\ieframe.dll
2014-07-10 02:06:26 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-10 02:06:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-10 02:06:25 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-10 02:06:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-10 02:06:24 ----A---- C:\Windows\system32\vbscript.dll
2014-07-10 02:06:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-10 02:06:24 ----A---- C:\Windows\system32\jscript9.dll
2014-07-10 02:06:24 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-10 02:06:23 ----A---- C:\Windows\system32\wininet.dll
2014-07-10 02:06:23 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-10 02:06:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 02:06:22 ----A---- C:\Windows\system32\msrating.dll
2014-07-10 02:06:21 ----A---- C:\Windows\system32\mshtml.dll
2014-07-10 00:25:04 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-10 00:25:04 ----A---- C:\Windows\system32\win32k.sys
2014-07-10 00:25:04 ----A---- C:\Windows\system32\osk.exe
2014-07-09 23:45:13 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 23:45:13 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 23:44:50 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 23:14:55 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-09 23:14:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 23:14:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-05 17:45:22 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2014-07-15 20:02:31 ----D---- C:\Windows\Temp
2014-07-15 20:02:19 ----RD---- C:\Program Files
2014-07-15 15:21:44 ----D---- C:\Program Files (x86)\JDownloader
2014-07-15 14:03:13 ----D---- C:\Windows\system32\config
2014-07-15 14:00:34 ----D---- C:\ProgramData\Package Cache
2014-07-15 14:00:29 ----SHD---- C:\Windows\Installer
2014-07-15 13:59:03 ----D---- C:\Windows\SysWOW64
2014-07-15 13:58:59 ----D---- C:\Program Files (x86)\Avira
2014-07-15 13:55:50 ----D---- C:\Windows\Prefetch
2014-07-15 13:53:18 ----D---- C:\Windows\System32
2014-07-15 13:53:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-15 13:53:17 ----D---- C:\Windows\inf
2014-07-15 00:58:18 ----D---- C:\Users\Vendy\AppData\Roaming\vlc
2014-07-10 11:33:43 ----D---- C:\Windows\rescache
2014-07-10 03:24:54 ----D---- C:\Windows\winsxs
2014-07-10 03:21:45 ----D---- C:\Program Files\Windows Journal
2014-07-10 03:21:41 ----D---- C:\Windows\ehome
2014-07-10 03:21:40 ----D---- C:\Windows\system32\drivers
2014-07-10 03:21:40 ----D---- C:\Program Files\Internet Explorer
2014-07-10 03:21:39 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-10 03:21:37 ----D---- C:\Windows\system32\en-US
2014-07-10 03:21:35 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 03:05:02 ----D---- C:\Windows\system32\MRT
2014-07-10 03:03:13 ----A---- C:\Windows\system32\MRT.exe
2014-07-10 03:00:41 ----SHD---- C:\System Volume Information
2014-07-09 23:14:21 ----D---- C:\Windows\system32\catroot
2014-07-09 23:14:20 ----D---- C:\Windows\system32\catroot2
2014-06-26 10:08:37 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ArcCtrl;ArcCtrl; C:\Windows\system32\drivers\ArcCtrl.sys [2013-11-20 3315392]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-05-15 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-02-25 28600]
R1 Uim_DEVIM;UIM Direct Device Image Plugin; C:\Windows\system32\DRIVERS\uim_devim.sys [2013-12-16 25992]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\system32\DRIVERS\uim_im.sys [2013-12-16 700680]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2013-12-16 102664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-07-03 117712]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-03-22 4747880]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-02-26 316464]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2014-03-11 44736]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-07-03 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-07-03 430160]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-07-07 141392]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 wilusbmonitor;Unimessage Printer Tracking Service; C:\Windows\system32\wilpmv64.exe [2014-05-03 155136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22 116648]
S2 Launch TotalMedia Theatre 6 Driver;Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [2014-03-04 608256]
S2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-22 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-07-08 1030224]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[Fanynka0012]

Zdravím,
děkuji za Váš čas a přikládám log

# AdwCleaner v3.215 - Report created 17/07/2014 at 14:04:32
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Vendy - VENDY-PC
# Running from : C:\Users\Vendy\Desktop\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [767 octets] - [17/07/2014 14:00:35]
AdwCleaner[S0].txt - [689 octets] - [17/07/2014 14:04:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [748 octets] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Fanynka0012]

Zdravím,

exportovat log mi program nenabízí, ale nedetekoval žádné hrozby

[Márty84]

Je s tim pc nejaky konkretni problem, nebo jde ciste jen o prevenci?


Dejte novy log z RSIT

a k tomu

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Fanynka0012]

Dobrý den,

jediný problém je v tom, že pc jede strašně pomalu. Přikládám logy:

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendy at 2014-07-29 23:32:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 162 GB (53%) free of 305 GB
Total RAM: 1789 MB (6% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:32:44, on 29.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe
C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE
C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vendy\Downloads\OTL.exe
C:\Program Files\trend micro\Vendy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [P3status] "C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe" L=CZE Q
O4 - HKLM\..\Run: [WilPrintCapture] C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TotalMedia Server.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch TotalMedia Theatre 6 Driver - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Unimessage Printer Tracking Service (wilusbmonitor) - Unknown owner - C:\Windows\system32\wilpmv64.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8127 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7f450445-2dac-40d3-8381-351723df93fa -SystemEventPortName:HostProcess-c342f3ba-e1a3-42a4-8c4a-a9b41456a4fe -IoCancelEventPortName:HostProcess-2fd00e1a-42bc-419e-b5f6-53d79198d4bf -NonStateChangingEventPortName:HostProcess-e6e71e9d-b58d-4c03-9b43-81b061ebbb1c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:04903413-b661-4bac-9fd5-3445aa3c6156
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 34411440
\??\C:\Windows\system32\conhost.exe "199715988-1960408583146425021997787295-1810339802864515746-2123745241607672020
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\wilpmv64.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe" L=CZE Q
"C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE"
"C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE" -anon
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000620
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2768.0.1786418181\1911331127" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.1100 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A3_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="2768.2.1250868123\1747515965" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A3_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="2768.19.519175976\1931080560" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A3_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="2768.59.2072789517\1644901773" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2768.62.263105876\772262844" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Users\Vendy\Downloads\OTL.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Vendy\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000Core.job - C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000UA.job - C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-26 2074408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-09 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-07-03 750160]
"P3status"=C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe [2011-05-26 180224]
"WilPrintCapture"=C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE [2009-02-10 143360]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-07-07 189520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TotalMedia Server.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-23 23:30:53 ----D---- C:\ProgramData\Malwarebytes
2014-07-17 14:01:01 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-17 14:00:31 ----D---- C:\AdwCleaner
2014-07-15 20:02:19 ----D---- C:\Program Files\trend micro
2014-07-15 20:02:06 ----D---- C:\rsit
2014-07-10 02:06:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-10 02:06:35 ----A---- C:\Windows\system32\iernonce.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-10 02:06:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-10 02:06:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-10 02:06:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-10 02:06:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-10 02:06:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-10 02:06:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-10 02:06:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 02:06:32 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-10 02:06:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-10 02:06:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-10 02:06:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-10 02:06:31 ----A---- C:\Windows\system32\urlmon.dll
2014-07-10 02:06:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 02:06:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-10 02:06:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-10 02:06:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-10 02:06:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-10 02:06:30 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-10 02:06:30 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-10 02:06:29 ----A---- C:\Windows\system32\iesetup.dll
2014-07-10 02:06:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-10 02:06:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-10 02:06:28 ----A---- C:\Windows\system32\iertutil.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-10 02:06:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-10 02:06:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-10 02:06:26 ----A---- C:\Windows\system32\ieui.dll
2014-07-10 02:06:26 ----A---- C:\Windows\system32\ieframe.dll
2014-07-10 02:06:26 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-10 02:06:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-10 02:06:25 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-10 02:06:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-10 02:06:24 ----A---- C:\Windows\system32\vbscript.dll
2014-07-10 02:06:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-10 02:06:24 ----A---- C:\Windows\system32\jscript9.dll
2014-07-10 02:06:24 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-10 02:06:23 ----A---- C:\Windows\system32\wininet.dll
2014-07-10 02:06:23 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-10 02:06:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 02:06:22 ----A---- C:\Windows\system32\msrating.dll
2014-07-10 02:06:21 ----A---- C:\Windows\system32\mshtml.dll
2014-07-10 00:25:04 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-10 00:25:04 ----A---- C:\Windows\system32\win32k.sys
2014-07-10 00:25:04 ----A---- C:\Windows\system32\osk.exe
2014-07-09 23:45:13 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 23:45:13 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 23:44:50 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 23:14:55 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-09 23:14:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 23:14:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-05 17:45:22 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2014-07-29 23:32:39 ----D---- C:\Windows\Temp
2014-07-29 23:30:35 ----SHD---- C:\System Volume Information
2014-07-29 17:50:10 ----D---- C:\Windows\system32\config
2014-07-26 14:44:42 ----D---- C:\Windows\System32
2014-07-26 14:44:42 ----D---- C:\Windows\inf
2014-07-26 14:44:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-24 01:32:39 ----RD---- C:\Program Files (x86)
2014-07-24 01:32:39 ----D---- C:\Windows\system32\drivers
2014-07-23 23:30:53 ----HD---- C:\ProgramData
2014-07-17 14:01:01 ----D---- C:\Windows\SysWOW64
2014-07-15 20:02:19 ----RD---- C:\Program Files
2014-07-15 15:21:44 ----D---- C:\Program Files (x86)\JDownloader
2014-07-15 14:00:34 ----D---- C:\ProgramData\Package Cache
2014-07-15 14:00:29 ----SHD---- C:\Windows\Installer
2014-07-15 13:58:59 ----D---- C:\Program Files (x86)\Avira
2014-07-15 13:55:50 ----D---- C:\Windows\Prefetch
2014-07-15 00:58:18 ----D---- C:\Users\Vendy\AppData\Roaming\vlc
2014-07-10 11:33:43 ----D---- C:\Windows\rescache
2014-07-10 03:24:54 ----D---- C:\Windows\winsxs
2014-07-10 03:21:45 ----D---- C:\Program Files\Windows Journal
2014-07-10 03:21:41 ----D---- C:\Windows\ehome
2014-07-10 03:21:40 ----D---- C:\Program Files\Internet Explorer
2014-07-10 03:21:39 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-10 03:21:37 ----D---- C:\Windows\system32\en-US
2014-07-10 03:21:35 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 03:05:02 ----D---- C:\Windows\system32\MRT
2014-07-10 03:03:13 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 23:14:21 ----D---- C:\Windows\system32\catroot
2014-07-09 23:14:20 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ArcCtrl;ArcCtrl; C:\Windows\system32\drivers\ArcCtrl.sys [2013-11-20 3315392]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-05-15 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-02-25 28600]
R1 Uim_DEVIM;UIM Direct Device Image Plugin; C:\Windows\system32\DRIVERS\uim_devim.sys [2013-12-16 25992]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\system32\DRIVERS\uim_im.sys [2013-12-16 700680]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2013-12-16 102664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-07-03 117712]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-03-22 4747880]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-02-26 316464]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2014-03-11 44736]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-07-03 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-07-03 430160]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-07-07 141392]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 wilusbmonitor;Unimessage Printer Tracking Service; C:\Windows\system32\wilpmv64.exe [2014-05-03 155136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22 116648]
S2 Launch TotalMedia Theatre 6 Driver;Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [2014-03-04 608256]
S2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-22 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-07-08 1030224]

-----------------EOF-----------------

[Fanynka0012]

OTL:

OTL logfile created on: 29.7.2014 23:28:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vendy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 0,19 Gb Available Physical Memory | 11,10% Memory free
3,49 Gb Paging File | 0,75 Gb Available in Paging File | 21,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 158,23 Gb Free Space | 53,10% Space Free | Partition Type: NTFS

Computer Name: VENDY-PC | User Name: Vendy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.07.29 14:53:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vendy\Downloads\OTL.exe
PRC - [2014.07.15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.07.07 13:53:12 | 000,189,520 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014.07.07 13:53:10 | 000,141,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014.07.03 20:27:06 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.07.03 20:25:29 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.07.03 20:25:28 | 000,750,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.04.02 15:27:36 | 004,972,864 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.03.11 18:04:52 | 000,044,736 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
PRC - [2012.11.26 10:52:40 | 000,520,296 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
PRC - [2011.05.26 23:00:00 | 000,180,224 | ---- | M] (Wordcraft International Ltd. ) -- C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe
PRC - [2009.02.10 14:04:42 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE


========== Modules (No Company Name) ==========

MOD - [2014.07.15 11:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll
MOD - [2014.07.15 11:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
MOD - [2014.07.15 11:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
MOD - [2014.07.15 11:24:38 | 000,718,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
MOD - [2014.07.15 11:24:36 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
MOD - [2014.07.15 11:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
MOD - [2014.07.07 13:53:10 | 000,137,296 | ---- | M] () -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014.07.07 13:53:06 | 000,049,744 | ---- | M] () -- C:\Users\Vendy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
MOD - [2014.04.21 16:27:28 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\360603d8efa82557e7fce70287cb242e\WindowsFormsIntegration.ni.dll
MOD - [2014.04.21 16:27:09 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2e3fdae8546832614633495638bef8d0\System.ServiceProcess.ni.dll
MOD - [2014.04.21 16:27:02 | 018,109,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\dd733c6f1f9f50f3517d48da5bea80d2\System.ServiceModel.ni.dll
MOD - [2014.04.21 16:26:21 | 001,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\fe7c09c37b8b39bd894d6a225f9ca01b\System.IdentityModel.ni.dll
MOD - [2014.04.20 17:17:59 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\fc7255cccb69c45a808b3d7e6abf55c5\System.Transactions.ni.dll
MOD - [2014.04.20 17:17:57 | 001,021,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\469dd20488c4a9606abe21189a3c1ab9\System.Runtime.DurableInstancing.ni.dll
MOD - [2014.04.20 17:17:56 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\27bdc6196968e44234654e30e1028750\SMDiagnostics.ni.dll
MOD - [2014.04.20 17:17:55 | 002,658,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
MOD - [2014.04.20 17:17:50 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014.04.20 02:16:24 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9aafa1869d136f77bc483f25d0795229\PresentationFramework.ni.dll
MOD - [2014.04.20 02:16:09 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b307821c69c09ed0a2ee47122fdcdd4d\PresentationCore.ni.dll
MOD - [2014.04.20 02:16:03 | 006,813,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\b5f67ff59d386021c43b1ee400c00feb\System.Data.ni.dll
MOD - [2014.04.20 02:15:59 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\49605239a73cd565e3a08048a31b442e\WindowsBase.ni.dll
MOD - [2014.04.20 02:15:56 | 002,553,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\70995df0f70bcaffe432672c91f3f2d3\System.Data.Linq.ni.dll
MOD - [2014.04.20 02:15:55 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014.04.20 02:15:53 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014.04.20 02:15:52 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014.04.20 02:15:51 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014.04.20 02:15:49 | 007,053,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.Core.ni.dll
MOD - [2014.04.20 02:15:43 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014.04.20 02:15:41 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014.04.20 02:15:36 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\8fa7f2d6cc4122c7102a02586074a183\System.Numerics.ni.dll
MOD - [2014.04.20 02:15:35 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2009.02.10 14:04:42 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe -- (wltrysvc)
SRV:64bit: - [2014.06.19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.05.03 21:02:50 | 000,155,136 | ---- | M] (Wordcraft International Limited) [Auto | Running] -- C:\Windows\SysNative\wilpmv64.exe -- (wilusbmonitor)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.04.30 05:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014.07.08 11:42:39 | 001,030,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2014.07.07 13:53:10 | 000,141,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014.07.03 20:27:06 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.07.03 20:25:29 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.04.02 15:27:36 | 004,972,864 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.03.11 18:04:52 | 000,044,736 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange)
SRV - [2014.03.04 12:14:50 | 000,608,256 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe -- (Launch TotalMedia Theatre 6 Driver)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.07.03 20:25:28 | 000,117,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014.05.15 13:26:01 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014.03.22 19:41:56 | 004,747,880 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2014.02.25 11:41:28 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.12.16 19:29:06 | 000,700,680 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_im.sys -- (Uim_IM)
DRV:64bit: - [2013.12.16 19:29:06 | 000,102,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\UimBus.sys -- (UimBus)
DRV:64bit: - [2013.12.16 19:29:06 | 000,025,992 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_devim.sys -- (Uim_DEVIM)
DRV:64bit: - [2013.11.20 10:57:54 | 003,315,392 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcCtrl.sys -- (ArcCtrl)
DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.04.30 06:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013.04.30 06:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.04.30 04:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 06:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 06:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.02.26 11:32:58 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1495527664-3360360540-2605983402-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1495527664-3360360540-2605983402-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1495527664-3360360540-2605983402-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Vendy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Vendy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vendy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vendy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/ig/redirectdomain ... &bmod=LENP
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Hangouts = C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.710.434.3_0\
CHR - Extension: Peněženka Google = C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [P3status] C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\p3status.exe (Wordcraft International Ltd. )
O4 - HKLM..\Run: [WilPrintCapture] C:\Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F7993EA-9ECB-4645-8AA1-ACE11CA9CE43}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD7361C2-1F75-4D96-9F95-1459D22F2F08}: DhcpNameServer = 10.100.0.1 10.0.0.1 8.8.8.8
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.07.23 23:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.07.17 14:01:01 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014.07.17 14:00:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.07.15 20:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.07.15 20:02:06 | 000,000,000 | ---D | C] -- C:\rsit
[2014.07.10 02:06:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.07.10 02:06:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.07.10 02:06:34 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.07.10 02:06:34 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.07.10 02:06:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.07.10 02:06:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.07.10 02:06:34 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.07.10 02:06:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.07.10 02:06:32 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.07.10 02:06:32 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.07.10 02:06:31 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.07.10 02:06:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.07.10 02:06:30 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.07.10 02:06:30 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.07.10 02:06:30 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.07.10 02:06:29 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.07.10 02:06:29 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.07.10 02:06:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.07.10 02:06:28 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.07.10 02:06:27 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.07.10 02:06:27 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.07.10 02:06:27 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.07.10 02:06:27 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.07.10 02:06:26 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.07.10 02:06:26 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.07.10 02:06:25 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.07.10 02:06:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.07.10 02:06:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.07.10 02:06:24 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.07.10 02:06:24 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.07.10 02:06:24 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.07.10 02:06:24 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.07.10 02:06:23 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.07.10 02:06:22 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.07.10 02:06:22 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.07.10 00:25:04 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014.07.10 00:25:04 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014.07.09 23:45:13 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014.07.09 23:45:13 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014.07.09 23:14:55 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.07.05 17:45:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi

========== Files - Modified Within 30 Days ==========

[2014.07.29 23:30:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.07.29 23:13:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.07.29 23:07:05 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000UA.job
[2014.07.29 22:40:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.29 15:07:38 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000Core.job
[2014.07.29 14:08:25 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.29 14:08:25 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.29 14:00:43 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.07.29 14:00:21 | 1406,582,784 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.26 14:44:42 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.07.26 14:44:42 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.07.26 14:44:42 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.07.26 14:44:42 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.07.26 14:44:42 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.07.23 23:42:26 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.07.17 13:58:17 | 001,348,263 | ---- | M] () -- C:\Users\Vendy\Desktop\adwcleaner_3.215.exe
[2014.07.15 13:59:08 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014.07.10 03:23:59 | 000,323,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.07.08 11:42:25 | 000,042,040 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014.07.03 20:25:28 | 000,117,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014.06.30 23:25:38 | 000,010,428 | ---- | M] () -- C:\Users\Vendy\Desktop\Bez názvu.odt

========== Files Created - No Company Name ==========

[2014.07.29 14:59:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.07.17 13:58:10 | 001,348,263 | ---- | C] () -- C:\Users\Vendy\Desktop\adwcleaner_3.215.exe
[2014.07.15 13:59:08 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014.06.30 23:25:34 | 000,010,428 | ---- | C] () -- C:\Users\Vendy\Desktop\Bez názvu.odt
[2014.03.22 10:37:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.04.30 04:37:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.04.30 04:37:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.03.24 19:28:58 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\FileZilla
[2014.04.13 17:34:46 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\Foxit Software
[2014.03.30 13:51:04 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\LibreOffice
[2014.04.18 18:05:32 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\VitySoft

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,572 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.03.22 02:50:14 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.22 02:50:18 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.06.09 20:55:55 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000Core.job
[2014.06.09 20:56:00 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000UA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2010.11.20 06:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2010.11.20 05:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.11.20 05:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 05:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 06:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.11.20 06:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2010.11.20 06:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\drivers\iaStorV.sys
[2010.11.20 06:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 06:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2013.09.25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.11.20 06:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 06:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 06:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 06:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2010.11.20 05:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 05:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2010.11.20 06:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\drivers\nvraid.sys
[2010.11.20 06:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 06:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
[2010.11.20 06:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\drivers\nvstor.sys
[2010.11.20 06:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 06:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2014.03.22 19:54:27 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2014.03.22 19:53:52 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.11.20 06:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2014.03.22 19:53:52 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.20 06:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 06:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2010.11.20 05:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 05:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[39 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[40 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.03.22 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\Adobe
[2014.05.14 22:29:00 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\ArcSoft
[2014.04.18 15:30:35 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\Avira
[2014.03.24 19:28:58 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\FileZilla
[2014.04.13 17:34:46 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\Foxit Software
[2014.03.22 02:07:23 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\Identities
[2014.03.22 19:17:53 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\InstallShield
[2014.03.30 13:51:04 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\LibreOffice
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\Media Center Programs
[2014.03.22 18:38:52 | 000,000,000 | --SD | M] -- C:\Users\Vendy\AppData\Roaming\Microsoft
[2014.06.09 21:02:28 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\Mozilla
[2014.04.18 18:05:32 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\VitySoft
[2014.07.15 00:58:18 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\vlc
[2014.04.26 18:47:27 | 000,000,000 | ---D | M] -- C:\Users\Vendy\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.04.03 22:23:15 | 000,902,208 | ---- | M] () -- C:\Users\Vendy\AppData\Roaming\Foxit Software\Foxit Cloud\Reader\unins000.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Vendy\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2014.06.09 20:55:48 | 000,116,648 | ---- | M] (Google Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.07.29 23:30:55 | 000,000,512 | ---- | M] () MD5=9D3F68317BC69848FDA1A7C530C6813C -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.04.18 14:21:35 | 000,004,041 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class
[2014.04.18 18:05:51 | 000,005,592 | ---- | M] () -- \Users\Vendy\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.06.18 14:44:56 | 000,002,919 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader.htm
[2012.05.08 15:52:36 | 000,000,337 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader.mcl
[2013.04.27 16:01:10 | 000,062,496 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader32\HookLoader32.dll
[2012.06.18 14:19:14 | 000,061,440 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader32\HookLoader32.exe
[2013.04.27 16:01:12 | 000,395,808 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader32\PlayerLoader32.dll
[2013.04.27 16:02:24 | 000,071,712 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader64\HookLoader64.dll
[2012.06.18 14:19:20 | 000,068,608 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader64\HookLoader64.exe
[2013.04.27 16:01:12 | 000,516,128 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 6\PlayerLoader64\PlayerLoader64.dll
[2014.07.03 20:25:51 | 000,044,112 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2014.07.03 20:25:52 | 000,494,672 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2014.07.08 11:42:42 | 000,195,152 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[3 \Program Files (x86)\Avira\AntiVir Desktop\*.tmp files -> \Program Files (x86)\Avira\AntiVir Desktop\*.tmp -> ]
[2012.05.22 09:43:16 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2012.05.22 09:43:16 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderBETA.exe
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderD3D.exe
[2012.05.22 09:43:16 | 000,219,264 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderPortable.exe
[2014.04.18 14:22:21 | 000,000,101 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\exclusiveloader.com.png
[2014.04.18 14:13:59 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2014.05.14 20:49:18 | 000,004,156 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\BigDownloaderCom.class
[2014.04.18 14:18:40 | 000,011,071 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2014.04.18 14:18:12 | 000,004,584 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2014.04.18 14:16:58 | 000,003,882 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderJp.class
[2012.05.22 09:43:16 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2014.02.01 02:15:50 | 000,006,866 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\program\pythonloader.py
[2014.02.27 17:22:32 | 000,000,171 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\program\pythonloader.uno.ini
[2014.02.27 17:21:14 | 000,037,904 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\program\pythonloaderlo.dll
[2014.02.27 00:48:28 | 000,124,248 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\program\classes\libloader-1.1.6.jar
[2014.02.27 06:59:10 | 000,013,883 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\program\python-core-3.3.3\lib\unittest\loader.py
[2014.02.27 06:59:14 | 000,050,275 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\program\python-core-3.3.3\lib\unittest\test\test_loader.py
[2014.02.27 17:19:40 | 000,077,328 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\URE\bin\javaloaderlo.dll
[2014.02.27 00:41:48 | 000,004,757 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\URE\java\unoloader.jar
[2007.05.03 10:56:34 | 000,000,096 | ---- | M] () -- \Program Files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\loader.ini
[2014.04.18 14:12:54 | 000,001,949 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2014.04.18 14:12:54 | 000,001,928 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2014.04.18 14:12:54 | 000,002,005 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2014.04.18 14:12:54 | 000,001,949 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2014.04.18 14:12:54 | 000,001,928 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2014.04.18 14:12:54 | 000,002,005 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2014.04.18 14:09:05 | 000,664,920 | ---- | M] () -- \Users\Vendy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TITOZU9Q\JDownloaderSetup_CH[1].exe
[2014.03.22 02:42:04 | 000,000,940 | ---- | M] () -- \Users\Vendy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OFICMQ3E\100-1-loader[1].js
[2014.03.22 02:43:05 | 000,007,806 | ---- | M] () -- \Users\Vendy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OFICMQ3E\product-image-loader[1].gif
[2014.03.22 02:15:12 | 000,003,061 | ---- | M] () -- \Users\Vendy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OFICMQ3E\rmsloaderdelayeddiv[1].js
[2014.03.22 02:43:06 | 000,002,435 | ---- | M] () -- \Users\Vendy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U319970W\100-1-deferred-loader[1].js
[2012.05.22 12:33:34 | 025,101,952 | ---- | M] () -- \Users\Vendy\AppData\Local\Temp\is1070216317\3484146_stp\JDownloaderSetup_IC.exe
[2014.04.18 14:13:00 | 000,002,041 | ---- | M] () -- \Users\Vendy\Desktop\JDownloader.lnk
[2014.07.15 15:18:25 | 000,019,732 | ---- | M] () -- \Windows\Prefetch\JDOWNLOADERPORTABLE.EXE-F8DC7CA8.pf
[2010.11.20 13:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 15:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 19:54:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 19:54:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2014.03.22 12:23:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.03.22 12:23:39 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2014.03.22 12:23:39 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2014.03.22 12:23:39 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2014.03.22 12:23:39 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 19:54:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 19:54:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

[Fanynka0012]

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2014.04.29 16:24:21 | 210,597,880 | ---- | M] () -- \Users\Vendy\Downloads\škola\Učebnice AJ - Maturita Activator.pdf

< *serial* /s >
[2014.02.27 00:48:28 | 000,021,754 | ---- | M] () -- \Program Files (x86)\LibreOffice 4\program\classes\libserializer-1.1.6.jar
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.04 18:53:40 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.12.16 19:29:20 | 000,009,208 | ---- | M] () -- \Program Files\Paragon Software\Backup and Recovery 2014 Free\program\resource\ui\hdmdlg_setpartserial.ui
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.04 18:54:44 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.05.08 17:27:29 | 000,003,072 | ---- | M] () -- \Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2014.05.08 17:27:29 | 000,003,608 | ---- | M] () -- \Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2014.04.10 18:11:30 | 000,000,682 | ---- | M] () -- \Users\Vendy\AppData\Roaming\Microsoft\Windows\Recent\Serial.lnk
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.03.22 20:12:38 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.03.22 20:14:10 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.03.22 20:17:02 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.03.22 20:19:38 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014.04.20 17:18:04 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\046c2851963b30d0e14194051c03de33\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.04.20 17:17:55 | 002,658,304 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
[2014.04.22 17:43:12 | 003,424,768 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\93693d8043d32885f194493db37ec189\System.Runtime.Serialization.ni.dll
[2014.04.22 17:43:35 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a6d5113221e92b37937dfa2725f37bf4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2014.04.18 14:47:35 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.05.15 03:06:06 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.18 14:47:34 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.05.15 03:06:04 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.04 18:53:34 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.04 18:54:40 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2010.11.20 06:55:00 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_hu-hu_1778ab4419ab99ad.manifest
[2010.11.20 06:50:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_nl-nl_28520112cd09eae9.manifest
[2010.11.20 06:54:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_sv-se_0bbde5ad62777806.manifest
[2010.11.20 07:45:14 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-cn_493a46a2345c6076.manifest
[2010.11.20 07:43:54 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-tw_48d9179c34a52b86.manifest
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.04 18:54:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.04 18:54:44 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7\System.Runtime.Serialization.dll
[2010.11.04 18:52:18 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70\System.Runtime.Serialization.dll
[2010.11.04 18:52:10 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.22 12:23:12 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2014.03.22 12:23:12 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 20:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 21:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2010.11.20 07:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 20:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 21:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2010.11.20 07:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.06 22:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.07 00:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2010.11.04 18:52:40 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2010.11.04 18:52:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.04 18:53:34 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.04 18:53:40 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll
[2010.11.04 18:52:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Extras:

OTL Extras logfile created on: 29.7.2014 23:28:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vendy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 0,19 Gb Available Physical Memory | 11,10% Memory free
3,49 Gb Paging File | 0,75 Gb Available in Paging File | 21,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 158,23 Gb Free Space | 53,10% Space Free | Partition Type: NTFS

Computer Name: VENDY-PC | User Name: Vendy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1495527664-3360360540-2605983402-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C47CBA-BF3B-4681-9B0A-F2535C9CE845}" = rport=137 | protocol=17 | dir=out | app=system |
"{1B80ECE6-826E-4B9F-9E5E-A461BD9C0A75}" = lport=138 | protocol=17 | dir=in | app=system |
"{2145DB3E-6B3F-40C5-BC6C-2B5B70ADB00C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{21B80E60-4388-4CB6-BF65-6AAA835AF6D1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{29CEF33F-6F2C-4191-852D-CB10E6D628CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{35950A4B-5F01-408B-A22C-65F8D97BE43B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{3CD60AFB-B32A-4C04-8D24-E3D53F9F5744}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4C6D968E-E9E6-4C83-9B31-F11422FD8BAD}" = lport=137 | protocol=17 | dir=in | app=system |
"{5066A27D-059A-4C57-8031-1782DB8A27AD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{64C779C3-67FE-4E56-9814-6E34B48C0592}" = rport=445 | protocol=6 | dir=out | app=system |
"{6668090B-F85A-4C56-B73A-6E50C94F4107}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{89B43B68-0A00-4D29-90CC-F89C26D121BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{906DFF07-9330-4D9E-A1AF-8CDA4394046B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9B55F3EA-66B0-4D3E-84FB-A270CE331C8C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9C55456F-0D8C-468A-BE77-3488F2F4F5D3}" = lport=139 | protocol=6 | dir=in | app=system |
"{B73FEB7A-66E4-4E1F-B9B3-3623AF00C9B8}" = lport=445 | protocol=6 | dir=in | app=system |
"{C1425957-FEE3-4262-AC9C-BB7005EDF54C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C46F6BC0-AA8E-4A3F-82FD-1D8489173957}" = rport=138 | protocol=17 | dir=out | app=system |
"{D4E99AAB-42B4-4B5E-B1B7-4F42BCD0BCB0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E04CE765-0BFF-41F5-A0E6-DE931E382B87}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F22B896B-D212-4EB9-8DBD-932A44220A08}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FBD15955-A584-4F33-AE8F-8CBC9261A2D0}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{078427F4-47A9-41C7-A4A1-1EFFFD63E5B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CE924B2-8DCF-494F-AE9C-1D91F4E8A7F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{45F9EF2D-CC8A-458A-9151-6DA6B24D191D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4C31D528-9916-419F-8DD8-76F41FD2BCF5}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{5E679AE8-5C4F-48AE-BAE2-1166F9DD6766}" = protocol=6 | dir=out | app=system |
"{612E2F42-B259-440B-A5AC-F40117E21D33}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{723EAAE8-5FC5-44E3-8C0E-CAB9F97A1A87}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{78D9C977-B573-495B-B3C7-BAC7D85EDE08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8293E141-5495-4306-88B1-1C88417BF885}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9363B5C9-9ABB-419B-9E6D-555C1EE76FF1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9A8E9129-4EBD-44BC-A302-8225A28343C5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9F7CCB1B-FFE2-4B1B-9419-87DF9F1102D3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A8B41F32-ADE7-4290-9F03-84869547C2C3}" = dir=in | app=c:\program files (x86)\toshiba viewer v2\gdi&twain\wsproxy.exe |
"{B03BFD3B-F19E-4478-A3B3-2B25E45AC0B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1AA57F9-0D07-4DF9-ADF0-C7426E90F0CE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5E01FAE-1EB2-4D64-B3BE-09A796D2AE29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CDCDEF21-D163-46C9-B86E-EA79B06DFF04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0D1F82A-7C06-438B-8BDA-5F7B6A8C67DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D37DBD84-5AB2-4266-BA2C-D3649F05CAB5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E052089D-6279-46C6-B6B8-324867EFAD89}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E3055287-AB42-4176-88C1-FBED12BA2B0C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{E6BF3DEA-2124-4634-BDE5-145F6DA75B2F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FB9A0C4D-6815-4AA0-9633-E4C6015F8E21}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{FF1C1482-298D-48EA-B7ED-EBA6B2C03491}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0BEB10A3-84A8-4FCE-9BB8-1F3DF7F30CBA}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"TCP Query User{5B28EB11-2011-4D7B-8643-7E9E00C90B8B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{9858A89F-29A0-494B-9731-B7E553EB24D0}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe |
"TCP Query User{B196088B-BB56-4185-BE77-6B5C1A6486D3}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"TCP Query User{E2E669E0-729E-40F6-8C34-4D4007C9E9E1}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe |
"TCP Query User{EC8E22F1-6D6F-4026-807A-F085FDF207F0}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{24DCEEF5-EE43-4843-B27D-DFE77E811765}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"UDP Query User{4736CB19-C058-469D-8436-05C766F86096}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{69CAF7CC-8A03-4F23-928C-B05FB30F5A55}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{6D996ABF-6D2C-42F3-BD69-0E720FE51DD7}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe |
"UDP Query User{95424384-2DFE-45D4-B2AB-FC3BE95F3C11}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"UDP Query User{FFBDE8E1-12DE-40FE-BE2A-8E56E62D97B6}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034B6AC8-DCF6-585B-2AFD-3FF0D4A559BB}" = AMD Accelerated Video Transcoding
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{30921AC4-6875-F7DF-B48B-2BB68C000BB6}" = AMD Media Foundation Decoders
"{37FCE154-7F59-74F0-3A35-BF503CEB230B}" = AMD Catalyst Install Manager
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2014 Free
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}" = LibreOffice 4.2.2.1
"{142be4a8-895b-4ed9-b1ff-11c76357e3df}" = Avira
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
"{28164BD8-81EA-639A-85E9-E659E3EE6DA7}" = Catalyst Control Center InstallProxy
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = CloudReading
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5232358C-7C23-4319-8271-E43F924196AC}" = ArcSoft TotalMedia Theatre 6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C7C541AC-B0F5-4D7C-BA2F-34A70D213FF0}" = Avira
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Avira AntiVir Desktop" = Avira Free Antivirus
"FileZilla Client" = FileZilla Client 3.7.4.1
"Foxit Reader_is1" = Foxit Reader
"GDI&TWAIN" = Ovladače tiskárny a skeneru TOSHIBA
"Google Chrome" = Google Chrome
"InstallShield_{5232358C-7C23-4319-8271-E43F924196AC}" = ArcSoft TotalMedia Theatre 6
"TeamViewer 9" = TeamViewer 9
"ToshibaViewerV2" = TOSHIBA Viewer V2
"VLC media player" = VLC media player 2.1.3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.5.2014 7:13:20 | Computer Name = Vendy-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Avira.OE.ServiceHost.exe, verze: 1.1.12.20002,
časové razítko: 0x53674d9b Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247,
časové razítko: 0x521ea8e7 Kód výjimky: 0xc0000005 Posun chyby: 0x00038e19 ID chybujícího
procesu: 0x83c Čas spuštění chybující aplikace: 0x01cf6e9c30628eea Cesta k chybující
aplikaci: C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe Cesta k
chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 96d55aca-da8f-11e3-b2c5-e02a82d485e3

Error - 26.5.2014 11:25:37 | Computer Name = Vendy-PC | Source = WilC2 [TOSHIBA e-STUDIO166] | ID = 1
Description = Wil32C2 driver for device TOSHIBA e-STUDIO166 The driver failed to
start Nepodařilo se otevřít port "COM4" - port může být využíván jinou aplikací nebo
název portu možná není zadán správně.

Error - 26.5.2014 11:26:44 | Computer Name = Vendy-PC | Source = WilC2 [TOSHIBA e-STUDIO166] | ID = 1
Description = Wil32C2 driver for device TOSHIBA e-STUDIO166 The driver failed to
start Zařízení nebo přístav zmizel

Error - 26.5.2014 13:02:04 | Computer Name = Vendy-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Foxit Reader Updater.exe, verze: 6.1.2.1226,
časové razítko: 0x52ca6719 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00750067 ID chybujícího
procesu: 0x884 Čas spuštění chybující aplikace: 0x01cf78fc44919091 Cesta k chybující
aplikaci: C:\Users\Vendy\AppData\Local\Temp\Foxit Reader Updater.exe Cesta k chybujícímu
modulu: unknown ID zprávy: 758f4d12-e4f7-11e3-838e-e02a82d485e3

Error - 29.5.2014 15:43:49 | Computer Name = Vendy-PC | Source = WilC2 [TOSHIBA e-STUDIO166] | ID = 1
Description = Wil32C2 driver for device TOSHIBA e-STUDIO166 The driver failed to
start Nepodařilo se otevřít port "COM4" - port může být využíván jinou aplikací nebo
název portu možná není zadán správně.

Error - 9.6.2014 15:40:11 | Computer Name = Vendy-PC | Source = WilC2 [TOSHIBA e-STUDIO166] | ID = 1
Description = Wil32C2 driver for device TOSHIBA e-STUDIO166 The driver failed to
start Nepodařilo se otevřít port "COM4" - port může být využíván jinou aplikací nebo
název portu možná není zadán správně.

Error - 26.6.2014 6:46:56 | Computer Name = Vendy-PC | Source = WilC2 [TOSHIBA e-STUDIO166] | ID = 1
Description = Wil32C2 driver for device TOSHIBA e-STUDIO166 The driver failed to
start Nepodařilo se otevřít port "COM4" - port může být využíván jinou aplikací nebo
název portu možná není zadán správně.

Error - 15.7.2014 7:57:47 | Computer Name = Vendy-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu Avira Service Host nelze ukončit.

Error - 15.7.2014 7:58:19 | Computer Name = Vendy-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 15.7.2014 7:58:29 | Computer Name = Vendy-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Avira.OE.Systray.exe, verze: 0.0.0.0, časové
razítko: 0x53b136be Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409,
časové razítko: 0x53159a86 Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0xbb0 Čas spuštění chybující aplikace: 0x01cfa0229b937dae Cesta k chybující
aplikaci: C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe Cesta k chybujícímu
modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 553f29ad-0c17-11e4-b56c-e02a82d485e3

[ System Events ]
Error - 17.7.2014 3:42:14 | Computer Name = Vendy-PC | Source = Service Control Manager | ID = 7000
Description = Služba Broadcom Wireless LAN Tray Service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 17.7.2014 6:58:06 | Computer Name = Vendy-PC | Source = Service Control Manager | ID = 7000
Description = Služba Broadcom Wireless LAN Tray Service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 17.7.2014 8:09:13 | Computer Name = Vendy-PC | Source = Service Control Manager | ID = 7000
Description = Služba Broadcom Wireless LAN Tray Service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 26.7.2014 8:38:39 | Computer Name = Vendy-PC | Source = Service Control Manager | ID = 7000
Description = Služba Broadcom Wireless LAN Tray Service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 26.7.2014 8:39:49 | Computer Name = Vendy-PC | Source = DCOM | ID = 10010
Description =

Error - 26.7.2014 8:58:59 | Computer Name = Vendy-PC | Source = DCOM | ID = 10010
Description =

Error - 27.7.2014 17:43:12 | Computer Name = Vendy-PC | Source = Service Control Manager | ID = 7000
Description = Služba Broadcom Wireless LAN Tray Service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 28.7.2014 8:22:08 | Computer Name = Vendy-PC | Source = Service Control Manager | ID = 7000
Description = Služba Broadcom Wireless LAN Tray Service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 29.7.2014 8:00:31 | Computer Name = Vendy-PC | Source = Service Control Manager | ID = 7000
Description = Služba Broadcom Wireless LAN Tray Service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 29.7.2014 12:37:00 | Computer Name = Vendy-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.


< End of report >

Děkuji za Váš čas

[Márty84]

Napiste mi velikost adresare plochy (C:\Users\Vendy\Desktop)




Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000UA.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1495527664-3360360540-2605983402-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[39 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[40 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"=-
"SunJavaUpdateSched"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[Fanynka0012]

Zdravím,

děkuji za čas, který věnujete mému problému. Velikost adresáře plochy je 6,60 GB.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Vendy
->Temp folder emptied: 791924119 bytes
->Temporary Internet Files folder emptied: 71287256 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 406630848 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 169483972 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43274806 bytes
RecycleBin emptied: 1612751 bytes

Total Files Cleaned = 1 415,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Vendy

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1495527664-3360360540-2605983402-1000UA.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1495527664-3360360540-2605983402-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4559.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP79A2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7A5D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCDD9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7BC4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD4BC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF40E.tmp folder deleted successfully.
C:\Windows\Installer\MSI15B.tmp- folder deleted successfully.
C:\Windows\Installer\MSI330.tmp- folder deleted successfully.
C:\Windows\Installer\MSI440B.tmp- folder deleted successfully.
C:\Windows\Installer\MSI508C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI559C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI6693.tmp- folder deleted successfully.
C:\Windows\Installer\MSI6BAD.tmp- folder deleted successfully.
C:\Windows\Installer\MSI6E2E.tmp- folder deleted successfully.
C:\Windows\Installer\MSI70FD.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8385.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8E81.tmp- folder deleted successfully.
C:\Windows\Installer\MSI8F09.tmp- folder deleted successfully.
C:\Windows\Installer\MSI916F.tmp- folder deleted successfully.
C:\Windows\Installer\MSI929A.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9440.tmp- folder deleted successfully.
C:\Windows\Installer\MSI94FC.tmp- folder deleted successfully.
C:\Windows\Installer\MSI98B5.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9B58.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9B61.tmp- folder deleted successfully.
C:\Windows\Installer\MSI9CD9.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA6BA.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA7E3.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA8CE.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA9A4.tmp- folder deleted successfully.
C:\Windows\Installer\MSIAB1B.tmp- folder deleted successfully.
C:\Windows\Installer\MSIAC29.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB49F.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB58A.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB684.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB77F.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB9D9.tmp- folder deleted successfully.
C:\Windows\Installer\MSIBDE0.tmp- folder deleted successfully.
C:\Windows\Installer\MSIC2A7.tmp- folder deleted successfully.
C:\Windows\Installer\MSIC9C4.tmp- folder deleted successfully.
C:\Windows\Installer\MSICC16.tmp- folder deleted successfully.
C:\Windows\Installer\MSICD30.tmp- folder deleted successfully.
C:\Windows\Installer\MSIE16C.tmp- folder deleted successfully.
C:\Windows\Installer\MSIE2B9.tmp- folder deleted successfully.
C:\Windows\Installer\MSIE8DC.tmp- folder deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AMD AVT deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08042014_210432

Files\Folders moved on Reboot...
C:\Users\Vendy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully.
C:\Users\Vendy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Vendy\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

děkuji za čas, který věnujete mému problému.

Nemate vubec zac

Velikost adresáře plochy je 6,60 GB.

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku



Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[Fanynka0012]

Zdravím,
pc je o trochu rychlejší, ale stále to není žádná sláva.
Zkoušela jsem, jestli se zase za nějaký čas užívání nezpomalí nebo nezrychlí, ale je to stejné.
V*******
-------------------------------------
Editoval pavuk29

[Pavuk29]

Nepis sem svoje meno, internet nie je prave najbezpecnejsia vec.
Zmazal som ti ho v tvojom vlastnom zaujme. Prepac za editaciu prispevku, robim to len vtedy, ked to pokladam za nutne.

[Márty84]

Omlouvam se za pozdni reakci, nemel jsem pristup k internetu.

Podivame se tedy hlobeji.


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku