Prosím o překontrolování mého logu :
Logfile of random's system information tool 1.09 (written by random/random)
Run by ROMAN at 2011-10-12 21:50:01
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 17 GB (9%) free of 191 GB
Total RAM: 4094 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:04, on 12.10.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\eLearn\eLearn.exe
C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe
C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe
C:\Program Files\trend micro\ROMAN.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [iTraffic Monitor] C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\ROMAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files (x86)\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {0427F569-3D57-4F10-B9FB-8D71A6A7BE24} (FormelEditor Control) - file:///C:/Users/ROMAN/AppData/Local/Temp/KJPL60/frmeditor.ocx
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Cerberus FTP Server - Cerberus, LLC - C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EWA net DB Core - Transaction Software, D 81829 Munich - C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe
O23 - Service: EWA net DB EPC - Transaction Software, D 81829 Munich - C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe
O23 - Service: EWA net DB WIS - Transaction Software, D 81829 Munich - C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe
O23 - Service: EWA net Server - Alexandria Software Consulting - C:\Program Files (x86)\EWA net\server\bin\tomcat.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SnugTV Service - Unknown owner - C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16241 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x320
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WinFast\WFDTV\WFWIZ.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
"C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\WinFast\WFDTV\DTVSchdl.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
taskeng.exe {5CD074B0-69AA-482B-B55B-6F015FFD1693}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files\ASUS\Six Engine\SixEngine.exe" -b
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe"
"C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe" -Service
"C:\ASUS.SYS\config\DVMExportService.exe"
"C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe"
"C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe"
"C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe"
"C:\Program Files (x86)\EWA net\server\bin\tomcat.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
"C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe"
"C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe" -Embedding
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sFORDECATDB
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe"
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4064
"C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe" -dedi 30319 -inactivity 0
"C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe" -dedi 25525 -inactivity 0 -crypt
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k secsvcs
"C:\eLearn\eLearn.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe" --channel=4816.108efd40.882858666 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox 3\omni.jar" 4816 "\\.\pipe\gecko-crash-server-pipe.4816" plugin
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 78AA4EF4-2059-9637-AD98-74D8E5DD5C47 -Reinvoke
"C:\Users\ROMAN\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "file://///WL-500GPV2/part0/intra/index.html"
prefs.js - "extensions.enabledItems" - "LogMeInClient@logmein.com:1.0.0.608, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Windows\system32\TVUAx\npTVUAx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666]
"Description"=12.0.1.666
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox 3\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox 3\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
IICAClient.xpt
C:\Program Files (x86)\Mozilla Firefox 3\plugins\
cgpcfg.dll
CgpCore.dll
confmgr.dll
ctxmui.dll
ICAClObj.class
icafile.dll
icalogon.dll
logging.dll
np-mswmp.dll
npdeployJava1.dll
npicaN.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpjplug.dll
npwachk.dll
nsjsrealplayerplugin.xpt
sslsdk_b.dll
TcpPServ.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox 3\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\
engine@conduit.com
firefox@tvunetworks.com
LogMeInClient@logmein.com
maps@ovi.com
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin.xml
qipsearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]
SnapFlash Class - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll [2002-12-03 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~2\FlashGet\fgiebar.dll [2005-06-07 86016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2010-01-27 57928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Google Update"=C:\Users\ROMAN\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-25 136176]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-06-09 2920448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\602PC SUITE PDF Saver]
C:\Program Files (x86)\Common Files\soft602\pdfSaver.exe [2005-08-31 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-12-14 47904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
C:\Program Files (x86)\ABBYY FineReader 7.0 Professional Edition\ABBYYNewsReader.exe [2005-01-23 290816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
C:\Program Files (x86)\FlashGet Network\FlashGet universal\flashget.exe /min []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ROMAN\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-25 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-01-25 421160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-02-22 1226024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3]
c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files (x86)\CyberLink\PlayMovie\PMVService.exe [2008-09-24 172032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\ROMAN\AppData\Roaming\QipGuard\QipGuard.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]
C:\Program Files (x86)\CyberLink\TV Enhance\TVEService.exe [2008-10-23 180224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-06-09 2920448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2010-06-09 101888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ROMAN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-24 2245120]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-03 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"TurboV EVO"=C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [2009-09-10 7322624]
"iTraffic Monitor"=C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe [2009-04-22 942080]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-08-28 273528]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2010-06-09 101888]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-02-06 170496]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
AVerQuick.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-03-21 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\FIREFOX STAHOVANI\facebook-pic000934519.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-10-09 21:27:51 ----D---- C:\Program Files\Common Files\Macrovision Shared
2011-10-09 21:26:08 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-10-09 21:26:08 ----D---- C:\Program Files\Autodesk
2011-10-09 21:25:40 ----D---- C:\Program Files (x86)\Autodesk
2011-10-07 14:15:17 ----D---- C:\Users\ROMAN\AppData\Roaming\Autodesk
2011-10-07 14:15:17 ----D---- C:\ProgramData\Autodesk
2011-10-06 21:22:14 ----D---- C:\Program Files (x86)\DynGate
2011-10-06 21:10:17 ----D---- C:\Program Files (x86)\QS
2011-10-06 21:02:59 ----D---- C:\Users\ROMAN\AppData\Roaming\TeamViewer
2011-10-06 21:02:16 ----D---- C:\Program Files (x86)\TeamViewer
2011-10-04 20:49:41 ----D---- C:\Users\ROMAN\AppData\Roaming\QIP
2011-10-04 20:49:15 ----D---- C:\Program Files (x86)\QIP 2010
======List of files/folders modified in the last 1 month======
2011-10-12 21:50:06 ----D---- C:\Windows\Temp
2011-10-12 21:50:03 ----D---- C:\Program Files\trend micro
2011-10-12 21:19:42 ----D---- C:\Program Files (x86)\Mozilla Firefox 3
2011-10-12 21:18:12 ----D---- C:\Windows\system32\catroot2
2011-10-12 21:18:12 ----D---- C:\Windows\system32\catroot
2011-10-12 21:07:10 ----D---- C:\Windows\winsxs
2011-10-12 21:02:26 ----D---- C:\Windows\system32\config
2011-10-12 21:00:10 ----D---- C:\Windows\SYSWOW64\logishrd
2011-10-12 21:00:10 ----D---- C:\Windows\system32\logishrd
2011-10-12 21:00:09 ----D---- C:\ProgramData\LogMeIn
2011-10-12 20:58:54 ----D---- C:\Windows\system32\Tasks
2011-10-12 20:57:48 ----A---- C:\Windows\SYSWOW64\DTVWizard_LOG.txt
2011-10-10 19:59:33 ----D---- C:\Windows\System32
2011-10-10 19:59:33 ----D---- C:\Windows\inf
2011-10-10 19:59:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-10 19:37:54 ----D---- C:\Windows\Prefetch
2011-10-10 19:32:18 ----D---- C:\ProgramData\FLEXnet
2011-10-10 19:03:07 ----D---- C:\Windows\Microsoft.NET
2011-10-09 21:32:58 ----SHD---- C:\Windows\Installer
2011-10-09 21:32:44 ----RSD---- C:\Windows\assembly
2011-10-09 21:29:53 ----D---- C:\Windows\Downloaded Program Files
2011-10-09 21:27:51 ----D---- C:\Program Files\Common Files
2011-10-09 21:27:26 ----RSD---- C:\Windows\Fonts
2011-10-09 21:27:25 ----D---- C:\Windows\SysWOW64
2011-10-09 21:26:08 ----RD---- C:\Program Files
2011-10-09 21:25:40 ----RD---- C:\Program Files (x86)
2011-10-09 21:24:39 ----D---- C:\Program Files (x86)\Common Files
2011-10-09 21:24:13 ----SHD---- C:\System Volume Information
2011-10-09 21:24:07 ----AD---- C:\Windows
2011-10-09 21:23:22 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-10-09 21:22:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-10-09 21:22:05 ----D---- C:\Windows\system32\cs-CZ
2011-10-07 19:32:32 ----D---- C:\Program Files (x86)\LogMeIn
2011-10-07 19:00:53 ----A---- C:\Windows\system32\LMIRfsClientNP.dll
2011-10-07 19:00:53 ----A---- C:\Windows\system32\LMIport.dll
2011-10-07 19:00:53 ----A---- C:\Windows\system32\LMIinit.dll
2011-10-07 15:55:44 ----D---- C:\FIREFOX STAHOVANI
2011-10-07 14:15:17 ----D---- C:\ProgramData
2011-10-05 16:18:15 ----D---- C:\Windows\Tasks
2011-10-04 22:44:21 ----D---- C:\Program Files (x86)\ICQ6.5
2011-10-04 22:44:20 ----D---- C:\Users\ROMAN\AppData\Roaming\Skype
2011-10-04 22:44:20 ----D---- C:\Users\ROMAN\AppData\Roaming\ICQ
2011-10-04 20:57:12 ----D---- C:\Users\ROMAN\AppData\Roaming\skypePM
2011-10-04 18:09:56 ----D---- C:\Windows\system32\DriverStore
2011-09-29 19:24:53 ----A---- C:\Windows\SYSWOW64\Dvbpws.dll
2011-09-29 19:13:02 ----D---- C:\Program Files\WinFast
2011-09-29 19:13:00 ----D---- C:\Windows\SYSWOW64\WinFast
2011-09-29 19:12:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-09-29 18:44:02 ----D---- C:\Windows\system32\drivers
2011-09-28 17:45:49 ----A---- C:\Windows\system32\MRT.exe
2011-09-21 21:41:05 ----D---- C:\Users\ROMAN\AppData\Roaming\Adobe
2011-09-21 21:41:05 ----D---- C:\ProgramData\Adobe
2011-09-19 22:38:05 ----D---- C:\Users\ROMAN\AppData\Roaming\vlc
2011-09-19 17:51:02 ----D---- C:\ProgramData\ArcSoft
2011-09-15 18:14:50 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 EUBAKUP;EUBAKUP; C:\Windows\sysWow64\drivers\eubakup.sys [2009-12-02 30600]
R0 EUFS;EUFS; C:\Windows\sysWow64\drivers\eufs.sys [2009-12-02 26504]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-07-18 109480]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-03-30 503352]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 288088]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 45400]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 NEOFLTR_650_16339;Juniper Networks TDI Filter Driver (NEOFLTR_650_16339); \??\C:\Windows\system32\Drivers\NEOFLTR_650_16339.SYS [2010-08-03 100472]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 64856]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2010-01-27 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-01-27 72216]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 7451648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-04 268288]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 EuDisk;EASEUS Disk Enumerator; C:\Windows\system32\DRIVERS\EuDisk.sys [2009-12-02 137608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-01-27 11552]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2010-07-27 339040]
R3 LVUVC64;Logitech Webcam C160(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2010-07-27 6465632]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MTSBDA;TechniSat SkyStar HD2; C:\Windows\System32\Drivers\MtsBda.sys [2009-07-13 344592]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-10 1222144]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2005-09-09 47104]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 ATICDSDr;ATICDSDr; \??\C:\Users\ROMAN\AppData\Local\Temp\ATICDSDr.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-08-31 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 7451648]
S3 AVerAF35;AVerMedia A835 USB DVB-T; C:\Windows\System32\Drivers\AVerAF35.sys [2009-10-19 511232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 EUDSKACS;EUDSKACS; \??\C:\Windows\sysWow64\drivers\eudskacs.sys [2009-12-02 17800]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2010-07-27 271712]
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-12-02 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 ULCDRHlp;ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-04 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 AVerRemote;AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-08 344064]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-10-09 389120]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 Cerberus FTP Server;Cerberus FTP Server; C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe [2011-05-17 5376832]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 EWA net DB Core;EWA net DB Core; C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe [2008-04-04 417792]
R2 EWA net DB EPC;EWA net DB EPC; C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe [2007-11-27 417792]
R2 EWA net DB WIS;EWA net DB WIS; C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe [2008-04-04 417792]
R2 EWA net Server;EWA net Server; C:\Program Files (x86)\EWA net\server\bin\tomcat.exe [2003-07-31 65536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-10-07 375176]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2011-10-07 147336]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2010-11-08 407424]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
R2 MSSQL$FORDECATDB;SQL Server (FORDECATDB); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2008-10-23 241734]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [2008-10-23 364635]
R2 TVESched;TVEnhance Task Scheduler (TTS)); C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [2008-10-23 172121]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2009-12-17 53408]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SnugTV Service;SnugTV Service; C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-09 1431888]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2011-01-25 933664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu WIN7_64BIT
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
Zdravim a pekny vecer preji 
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c type c:\boot.ini >> test.txt /c %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
Dobrý večer, tady jsou oba dva logy :
OTL logfile created on: 12.10.2011 21:56:30 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ROMAN\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 46,88% Memory free
7,99 Gb Paging File | 5,62 Gb Available in Paging File | 70,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,21 Gb Total Space | 16,31 Gb Free Space | 8,76% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 67,27 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive F: | 541,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ROMAN-PC | User Name: ROMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
PRC - [2011.09.30 21:47:22 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe
PRC - [2011.09.30 21:47:22 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe
PRC - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.08.28 17:07:48 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010.06.09 16:25:32 | 002,920,448 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2010.06.09 13:53:26 | 000,101,888 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2010.05.07 19:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009.09.10 10:34:12 | 007,322,624 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
PRC - [2009.09.09 17:02:26 | 006,060,032 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2009.08.19 19:12:08 | 001,043,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.08.01 05:06:24 | 000,155,648 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.06.19 19:31:38 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2009.04.22 14:44:12 | 000,942,080 | ---- | M] (Charles DeWeese) -- C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
PRC - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009.02.06 17:02:16 | 000,170,496 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
PRC - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe
PRC - [2008.04.04 14:37:50 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.30 21:47:22 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox 3\mozjs.dll
MOD - [2011.09.26 18:19:22 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010.05.03 10:07:14 | 000,073,728 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
MOD - [2009.08.27 19:41:46 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2009.08.27 19:41:46 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2009.08.01 05:06:24 | 000,155,648 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
MOD - [2009.05.22 14:16:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.04.22 20:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsusService.dll
MOD - [2009.04.01 14:07:12 | 000,303,188 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
MOD - [2008.12.10 20:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
MOD - [2008.12.02 11:04:26 | 000,007,680 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\WIZLANGCZE.dll
MOD - [2006.01.10 10:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.10.09 21:27:51 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.08.04 03:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.05.07 19:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.07 19:00:59 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2011.10.07 19:00:53 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) [Auto | Running] -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe -- (Cerberus FTP Server)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.11.08 13:04:18 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc) TVEnhance Background Capture Service (TBCS)
SRV - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched) TVEnhance Task Scheduler (TTS))
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe -- (EWA net DB WIS)
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe -- (EWA net DB Core)
SRV - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe -- (EWA net DB EPC)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe -- (EWA net Server)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.03.30 19:14:07 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.08.31 15:11:07 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.04 03:15:44 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.08.03 09:23:04 | 000,100,472 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_650_16339.SYS -- (NEOFLTR_650_16339) Juniper Networks TDI Filter Driver (NEOFLTR_650_16339)
DRV:64bit: - [2010.07.27 10:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam C160(UVC)
DRV:64bit: - [2010.07.27 10:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010.07.27 10:11:38 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010.07.15 14:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.01.27 12:22:02 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010.01.27 12:21:36 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2009.12.02 12:20:56 | 000,137,608 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EuDisk.sys -- (EuDisk)
DRV:64bit: - [2009.10.21 18:33:02 | 000,474,240 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV:64bit: - [2009.10.19 05:32:40 | 000,511,232 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF35.sys -- (AVerAF35)
DRV:64bit: - [2009.07.18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.13 07:34:38 | 000,344,592 | ---- | M] (TechniSat Provide) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MtsBda.sys -- (MTSBDA)
DRV:64bit: - [2009.07.10 05:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005.09.09 06:02:29 | 000,047,104 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2010.01.27 12:22:02 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009.12.02 12:21:00 | 000,026,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eufs.sys -- (EUFS)
DRV - [2009.12.02 12:20:58 | 000,017,800 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2009.12.02 12:20:56 | 000,030,600 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.05.16 17:41:28 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004.12.23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004.08.11 08:39:38 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\DGIVECP.SYS -- (DgiVecp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\XXX\XXX bodyparts
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "file://///WL-500GPV2/part0/intra/index.html"
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 3\components [2011.09.30 21:47:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 3\plugins [2011.08.28 17:08:53 | 000,000,000 | ---D | M]
[2010.09.15 07:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Extensions
[2011.10.12 21:17:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions
[2011.10.12 21:17:44 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.06.09 21:02:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com
[2011.08.27 23:54:15 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\firefox@tvunetworks.com
[2011.07.03 16:44:55 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com
[2011.04.23 19:01:31 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\maps@ovi.com
[2011.08.18 11:06:11 | 000,002,396 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\askcom.xml
[2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml
[2011.10.12 21:13:41 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml
[2010.04.04 20:43:16 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml
[2010.06.24 20:51:50 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml
[2010.06.29 17:55:56 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml
[2010.07.23 22:53:08 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml
[2010.07.26 18:52:32 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml
[2010.09.15 09:38:38 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml
[2010.03.23 10:52:40 | 000,000,944 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml
[2009.12.10 14:05:14 | 000,002,061 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
========== Chrome ==========
CHR - default_search_provider: QIP Search (Enabled)
CHR - default_search_provider: search_url = http://search.qip.ru/search/?query={sea ... s}&from=os
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: CacheList = C:\Users\ROMAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa\1.1.4_1\
O1 HOSTS File: ([2011.08.31 21:07:57 | 000,000,191 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (SnapFlash Class) - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll (justDo Software)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [iTraffic Monitor] C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe (Charles DeWeese)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8:64bit: - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8:64bit: - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra 'Tools' menuitem : Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {0427F569-3D57-4F10-B9FB-8D71A6A7BE24} file:///C:/Users/ROMAN/AppData/Local/Temp/KJPL60/frmeditor.ocx (FormelEditor Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5F14682-7CF1-4ACC-AB77-273B148D4CB8}: DhcpNameServer = 10.0.0.138 10.0.0.50
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.05.14 14:35:32 | 000,000,062 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm - c:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.10.12 21:54:59 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.10 19:33:40 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\cache
[2011.10.09 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Documents\Inventor
[2011.10.09 21:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.10.09 21:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2011.10.09 21:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011.10.09 21:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DynGate
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DynGate
[2011.10.06 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamViewer
[2011.10.06 21:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS
[2011.10.06 21:10:13 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\temp
[2011.10.06 21:02:59 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2011.10.06 21:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.10.12 21:59:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.12 21:44:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
[2011.10.12 21:10:05 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.10.12 21:07:18 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.12 21:07:18 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.12 21:06:44 | 000,337,913 | ---- | M] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.12 20:56:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.12 20:56:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.10.12 20:56:10 | 3219,693,568 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.10 19:59:33 | 001,719,944 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.10 19:59:33 | 000,718,790 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.10.10 19:59:33 | 000,702,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.10 19:59:33 | 000,160,308 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.10.10 19:59:33 | 000,140,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.10 19:37:12 | 000,294,767 | ---- | M] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.10 18:52:37 | 005,160,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.09 21:31:48 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.09 21:23:22 | 001,701,962 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2011.10.07 19:00:53 | 000,080,768 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2011.10.07 19:00:53 | 000,034,688 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2011.10.07 13:44:45 | 000,002,397 | ---- | M] () -- C:\Users\ROMAN\Desktop\Google Chrome.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | M] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
OTL logfile created on: 12.10.2011 21:56:30 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ROMAN\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 46,88% Memory free
7,99 Gb Paging File | 5,62 Gb Available in Paging File | 70,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,21 Gb Total Space | 16,31 Gb Free Space | 8,76% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 67,27 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive F: | 541,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ROMAN-PC | User Name: ROMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
PRC - [2011.09.30 21:47:22 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe
PRC - [2011.09.30 21:47:22 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe
PRC - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.08.28 17:07:48 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010.06.09 16:25:32 | 002,920,448 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2010.06.09 13:53:26 | 000,101,888 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2010.05.07 19:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009.09.10 10:34:12 | 007,322,624 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
PRC - [2009.09.09 17:02:26 | 006,060,032 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2009.08.19 19:12:08 | 001,043,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.08.01 05:06:24 | 000,155,648 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.06.19 19:31:38 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2009.04.22 14:44:12 | 000,942,080 | ---- | M] (Charles DeWeese) -- C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
PRC - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009.02.06 17:02:16 | 000,170,496 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
PRC - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe
PRC - [2008.04.04 14:37:50 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.30 21:47:22 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox 3\mozjs.dll
MOD - [2011.09.26 18:19:22 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010.05.03 10:07:14 | 000,073,728 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
MOD - [2009.08.27 19:41:46 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2009.08.27 19:41:46 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2009.08.01 05:06:24 | 000,155,648 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
MOD - [2009.05.22 14:16:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.04.22 20:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsusService.dll
MOD - [2009.04.01 14:07:12 | 000,303,188 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
MOD - [2008.12.10 20:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
MOD - [2008.12.02 11:04:26 | 000,007,680 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\WIZLANGCZE.dll
MOD - [2006.01.10 10:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.10.09 21:27:51 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.08.04 03:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.05.07 19:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.07 19:00:59 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2011.10.07 19:00:53 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) [Auto | Running] -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe -- (Cerberus FTP Server)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.11.08 13:04:18 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc) TVEnhance Background Capture Service (TBCS)
SRV - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched) TVEnhance Task Scheduler (TTS))
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe -- (EWA net DB WIS)
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe -- (EWA net DB Core)
SRV - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe -- (EWA net DB EPC)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe -- (EWA net Server)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.03.30 19:14:07 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.08.31 15:11:07 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.04 03:15:44 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.08.03 09:23:04 | 000,100,472 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_650_16339.SYS -- (NEOFLTR_650_16339) Juniper Networks TDI Filter Driver (NEOFLTR_650_16339)
DRV:64bit: - [2010.07.27 10:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam C160(UVC)
DRV:64bit: - [2010.07.27 10:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010.07.27 10:11:38 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010.07.15 14:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.01.27 12:22:02 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010.01.27 12:21:36 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2009.12.02 12:20:56 | 000,137,608 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EuDisk.sys -- (EuDisk)
DRV:64bit: - [2009.10.21 18:33:02 | 000,474,240 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV:64bit: - [2009.10.19 05:32:40 | 000,511,232 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF35.sys -- (AVerAF35)
DRV:64bit: - [2009.07.18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.13 07:34:38 | 000,344,592 | ---- | M] (TechniSat Provide) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MtsBda.sys -- (MTSBDA)
DRV:64bit: - [2009.07.10 05:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005.09.09 06:02:29 | 000,047,104 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2010.01.27 12:22:02 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009.12.02 12:21:00 | 000,026,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eufs.sys -- (EUFS)
DRV - [2009.12.02 12:20:58 | 000,017,800 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2009.12.02 12:20:56 | 000,030,600 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.05.16 17:41:28 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004.12.23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004.08.11 08:39:38 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\DGIVECP.SYS -- (DgiVecp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\XXX\XXX bodyparts
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "file://///WL-500GPV2/part0/intra/index.html"
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 3\components [2011.09.30 21:47:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 3\plugins [2011.08.28 17:08:53 | 000,000,000 | ---D | M]
[2010.09.15 07:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Extensions
[2011.10.12 21:17:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions
[2011.10.12 21:17:44 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.06.09 21:02:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com
[2011.08.27 23:54:15 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\firefox@tvunetworks.com
[2011.07.03 16:44:55 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com
[2011.04.23 19:01:31 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\maps@ovi.com
[2011.08.18 11:06:11 | 000,002,396 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\askcom.xml
[2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml
[2011.10.12 21:13:41 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml
[2010.04.04 20:43:16 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml
[2010.06.24 20:51:50 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml
[2010.06.29 17:55:56 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml
[2010.07.23 22:53:08 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml
[2010.07.26 18:52:32 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml
[2010.09.15 09:38:38 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml
[2010.03.23 10:52:40 | 000,000,944 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml
[2009.12.10 14:05:14 | 000,002,061 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
========== Chrome ==========
CHR - default_search_provider: QIP Search (Enabled)
CHR - default_search_provider: search_url = http://search.qip.ru/search/?query={sea ... s}&from=os
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: CacheList = C:\Users\ROMAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa\1.1.4_1\
O1 HOSTS File: ([2011.08.31 21:07:57 | 000,000,191 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (SnapFlash Class) - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll (justDo Software)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [iTraffic Monitor] C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe (Charles DeWeese)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8:64bit: - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8:64bit: - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra 'Tools' menuitem : Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {0427F569-3D57-4F10-B9FB-8D71A6A7BE24} file:///C:/Users/ROMAN/AppData/Local/Temp/KJPL60/frmeditor.ocx (FormelEditor Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5F14682-7CF1-4ACC-AB77-273B148D4CB8}: DhcpNameServer = 10.0.0.138 10.0.0.50
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.05.14 14:35:32 | 000,000,062 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm - c:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.10.12 21:54:59 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.10 19:33:40 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\cache
[2011.10.09 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Documents\Inventor
[2011.10.09 21:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.10.09 21:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2011.10.09 21:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011.10.09 21:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DynGate
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DynGate
[2011.10.06 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamViewer
[2011.10.06 21:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS
[2011.10.06 21:10:13 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\temp
[2011.10.06 21:02:59 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2011.10.06 21:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.10.12 21:59:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.12 21:44:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
[2011.10.12 21:10:05 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.10.12 21:07:18 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.12 21:07:18 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.12 21:06:44 | 000,337,913 | ---- | M] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.12 20:56:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.12 20:56:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.10.12 20:56:10 | 3219,693,568 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.10 19:59:33 | 001,719,944 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.10 19:59:33 | 000,718,790 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.10.10 19:59:33 | 000,702,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.10 19:59:33 | 000,160,308 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.10.10 19:59:33 | 000,140,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.10 19:37:12 | 000,294,767 | ---- | M] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.10 18:52:37 | 005,160,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.09 21:31:48 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.09 21:23:22 | 001,701,962 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2011.10.07 19:00:53 | 000,080,768 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2011.10.07 19:00:53 | 000,034,688 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2011.10.07 13:44:45 | 000,002,397 | ---- | M] () -- C:\Users\ROMAN\Desktop\Google Chrome.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | M] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
========== Files Created - No Company Name ==========
[2011.10.12 21:59:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.12 21:07:08 | 000,337,913 | ---- | C] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.10 19:37:12 | 000,294,767 | ---- | C] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.09 21:31:48 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | C] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.07.31 15:17:04 | 000,049,152 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2011.07.31 15:17:04 | 000,003,456 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2011.07.31 15:16:57 | 000,598,016 | R--- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2011.07.31 15:16:57 | 000,307,200 | R--- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2011.07.31 15:16:57 | 000,294,912 | R--- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2011.07.31 15:16:57 | 000,290,816 | R--- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2011.07.31 15:16:57 | 000,249,856 | R--- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2011.07.31 15:16:57 | 000,225,280 | R--- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2011.07.31 15:16:57 | 000,135,168 | R--- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2011.07.31 13:13:25 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2011.07.31 12:35:44 | 000,000,024 | ---- | C] () -- C:\Windows\softcsa.ini
[2011.07.30 20:07:58 | 000,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll
[2011.07.21 17:55:26 | 000,007,630 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\resmon.resmoncfg
[2011.06.07 23:10:27 | 000,001,606 | ---- | C] () -- C:\Windows\SysWow64\font.ini
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.30 19:37:02 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.03.30 18:16:55 | 000,001,316 | ---- | C] () -- C:\Windows\RBSystem.ini
[2011.03.30 18:13:05 | 000,397,312 | ---- | C] () -- C:\Windows\esi_kl01.dat
[2011.03.30 18:09:30 | 000,000,670 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2011.03.06 12:47:07 | 000,001,184 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011.03.03 19:18:40 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.02.24 20:42:06 | 000,000,816 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(3).nast
[2011.02.22 12:11:24 | 000,178,441 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).err
[2011.02.22 12:05:14 | 000,001,000 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.02.18 20:55:00 | 000,001,261 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.err
[2011.02.18 20:51:24 | 000,001,048 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.nast
[2011.02.08 11:56:55 | 000,213,640 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.18 15:33:58 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2010.11.13 19:58:56 | 001,701,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.07 20:29:20 | 000,454,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.10.07 21:07:04 | 000,090,112 | ---- | C] () -- C:\Windows\RSetupCE.exe
[2010.09.27 19:50:17 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.09.27 19:50:17 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.09.15 07:54:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.09.13 20:01:32 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL
[2010.09.13 20:01:32 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\INETWH16.DLL
[2010.09.13 20:01:32 | 000,004,528 | ---- | C] () -- C:\Windows\SysWow64\SETBROWS.EXE
[2010.09.10 09:40:36 | 000,005,860 | ---- | C] () -- C:\Windows\SysWow64\FMCodec.dat
[2010.09.05 22:17:43 | 000,000,917 | ---- | C] () -- C:\Windows\SysWow64\CLWatson.ini
[2010.09.03 21:22:40 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.09.03 21:22:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.09.03 21:22:35 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.09.03 21:22:35 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.09.03 21:22:35 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.09.01 23:16:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.09.01 10:13:48 | 000,000,088 | RHS- | C] () -- C:\ProgramData\720CD3C192.sys
[2010.09.01 10:13:47 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.31 20:33:16 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll
[2010.08.31 20:33:14 | 000,414,208 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2010.08.31 20:26:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.31 18:20:10 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.31 18:12:04 | 000,081,920 | R--- | C] () -- C:\Windows\WiaInst.exe
[2010.08.31 17:17:02 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.08.31 14:44:09 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.08.31 14:44:09 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.08.31 14:39:19 | 000,035,975 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.08.31 14:38:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.08.31 14:38:54 | 000,026,147 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.07.27 10:03:20 | 010,829,656 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.07.27 10:03:20 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.07.27 10:03:18 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.06.16 00:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.01.25 12:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\SysWow64\OGAEXEC.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.12.01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== LOP Check ==========
[2011.10.10 19:33:30 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.06.15 21:23:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\BITS
[2011.07.30 20:38:43 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.04 18:48:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Citrix
[2010.09.03 23:05:46 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\DAEMON Tools Lite
[2011.06.14 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FileZilla
[2011.03.03 19:08:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGet
[2010.08.31 17:16:48 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGetBHO
[2011.06.18 23:58:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Free Download Manager
[2011.07.11 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GeoGet
[2011.02.07 16:43:08 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GetRightToGo
[2010.09.01 21:51:29 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GHISLER
[2010.12.04 18:26:49 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICAClient
[2011.10.04 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICQ
[2010.11.01 19:42:54 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Jpeg Resampler
[2010.09.19 21:01:09 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks
[2010.11.05 23:10:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Leadertech
[2010.09.05 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\NCH Swift Sound
[2011.05.27 08:05:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Nokia
[2010.11.07 23:25:38 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Opera
[2011.05.27 08:05:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PC Suite
[2010.09.17 20:30:13 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PDF reDirect
[2011.04.12 22:07:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PeaZip
[2010.09.05 22:23:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PowerCinema
[2011.10.04 20:49:41 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\QIP
[2011.08.28 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\SMS posílač Treca
[2010.09.13 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Software602
[2010.09.10 20:11:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\streamripper
[2011.10.06 21:22:36 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2011.06.18 20:40:28 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\UDC Profiles
[2011.06.08 21:04:51 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Ulead Systems
[2011.06.10 23:02:11 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\uTorrent
[2011.08.18 19:44:33 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\VSRevoGroup
[2011.05.15 18:29:27 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[22 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2011.10.12 21:59:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.12 21:07:08 | 000,337,913 | ---- | C] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.10 19:37:12 | 000,294,767 | ---- | C] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.09 21:31:48 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | C] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.07.31 15:17:04 | 000,049,152 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2011.07.31 15:17:04 | 000,003,456 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2011.07.31 15:16:57 | 000,598,016 | R--- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2011.07.31 15:16:57 | 000,307,200 | R--- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2011.07.31 15:16:57 | 000,294,912 | R--- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2011.07.31 15:16:57 | 000,290,816 | R--- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2011.07.31 15:16:57 | 000,249,856 | R--- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2011.07.31 15:16:57 | 000,225,280 | R--- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2011.07.31 15:16:57 | 000,135,168 | R--- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2011.07.31 13:13:25 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2011.07.31 12:35:44 | 000,000,024 | ---- | C] () -- C:\Windows\softcsa.ini
[2011.07.30 20:07:58 | 000,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll
[2011.07.21 17:55:26 | 000,007,630 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\resmon.resmoncfg
[2011.06.07 23:10:27 | 000,001,606 | ---- | C] () -- C:\Windows\SysWow64\font.ini
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.30 19:37:02 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.03.30 18:16:55 | 000,001,316 | ---- | C] () -- C:\Windows\RBSystem.ini
[2011.03.30 18:13:05 | 000,397,312 | ---- | C] () -- C:\Windows\esi_kl01.dat
[2011.03.30 18:09:30 | 000,000,670 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2011.03.06 12:47:07 | 000,001,184 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011.03.03 19:18:40 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.02.24 20:42:06 | 000,000,816 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(3).nast
[2011.02.22 12:11:24 | 000,178,441 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).err
[2011.02.22 12:05:14 | 000,001,000 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.02.18 20:55:00 | 000,001,261 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.err
[2011.02.18 20:51:24 | 000,001,048 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.nast
[2011.02.08 11:56:55 | 000,213,640 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.18 15:33:58 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2010.11.13 19:58:56 | 001,701,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.07 20:29:20 | 000,454,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.10.07 21:07:04 | 000,090,112 | ---- | C] () -- C:\Windows\RSetupCE.exe
[2010.09.27 19:50:17 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.09.27 19:50:17 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.09.15 07:54:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.09.13 20:01:32 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL
[2010.09.13 20:01:32 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\INETWH16.DLL
[2010.09.13 20:01:32 | 000,004,528 | ---- | C] () -- C:\Windows\SysWow64\SETBROWS.EXE
[2010.09.10 09:40:36 | 000,005,860 | ---- | C] () -- C:\Windows\SysWow64\FMCodec.dat
[2010.09.05 22:17:43 | 000,000,917 | ---- | C] () -- C:\Windows\SysWow64\CLWatson.ini
[2010.09.03 21:22:40 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.09.03 21:22:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.09.03 21:22:35 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.09.03 21:22:35 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.09.03 21:22:35 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.09.01 23:16:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.09.01 10:13:48 | 000,000,088 | RHS- | C] () -- C:\ProgramData\720CD3C192.sys
[2010.09.01 10:13:47 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.31 20:33:16 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll
[2010.08.31 20:33:14 | 000,414,208 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2010.08.31 20:26:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.31 18:20:10 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.31 18:12:04 | 000,081,920 | R--- | C] () -- C:\Windows\WiaInst.exe
[2010.08.31 17:17:02 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.08.31 14:44:09 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.08.31 14:44:09 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.08.31 14:39:19 | 000,035,975 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.08.31 14:38:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.08.31 14:38:54 | 000,026,147 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.07.27 10:03:20 | 010,829,656 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.07.27 10:03:20 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.07.27 10:03:18 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.06.16 00:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.01.25 12:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\SysWow64\OGAEXEC.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.12.01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== LOP Check ==========
[2011.10.10 19:33:30 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.06.15 21:23:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\BITS
[2011.07.30 20:38:43 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.04 18:48:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Citrix
[2010.09.03 23:05:46 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\DAEMON Tools Lite
[2011.06.14 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FileZilla
[2011.03.03 19:08:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGet
[2010.08.31 17:16:48 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGetBHO
[2011.06.18 23:58:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Free Download Manager
[2011.07.11 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GeoGet
[2011.02.07 16:43:08 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GetRightToGo
[2010.09.01 21:51:29 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GHISLER
[2010.12.04 18:26:49 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICAClient
[2011.10.04 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICQ
[2010.11.01 19:42:54 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Jpeg Resampler
[2010.09.19 21:01:09 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks
[2010.11.05 23:10:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Leadertech
[2010.09.05 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\NCH Swift Sound
[2011.05.27 08:05:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Nokia
[2010.11.07 23:25:38 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Opera
[2011.05.27 08:05:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PC Suite
[2010.09.17 20:30:13 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PDF reDirect
[2011.04.12 22:07:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PeaZip
[2010.09.05 22:23:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PowerCinema
[2011.10.04 20:49:41 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\QIP
[2011.08.28 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\SMS posílač Treca
[2010.09.13 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Software602
[2010.09.10 20:11:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\streamripper
[2011.10.06 21:22:36 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2011.06.18 20:40:28 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\UDC Profiles
[2011.06.08 21:04:51 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Ulead Systems
[2011.06.10 23:02:11 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\uTorrent
[2011.08.18 19:44:33 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\VSRevoGroup
[2011.05.15 18:29:27 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[22 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.01.10 21:52:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ABBYY
[2011.09.21 21:41:05 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Adobe
[2011.02.08 11:57:15 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Apple Computer
[2010.09.05 18:49:59 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ArcSoft
[2010.08.31 15:14:57 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ATI
[2011.10.10 19:33:30 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.06.15 21:23:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\BITS
[2011.07.30 20:38:43 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.04 18:48:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Citrix
[2011.06.07 22:13:01 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Corel
[2011.04.15 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\CyberLink
[2010.09.03 23:05:46 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\DAEMON Tools Lite
[2010.09.27 22:33:55 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Download Manager
[2011.06.14 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FileZilla
[2011.03.03 19:08:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGet
[2010.08.31 17:16:48 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGetBHO
[2011.06.18 23:58:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Free Download Manager
[2011.07.11 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GeoGet
[2011.02.07 16:43:08 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GetRightToGo
[2010.09.01 21:51:29 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GHISLER
[2010.12.04 18:26:49 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICAClient
[2011.10.04 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICQ
[2010.08.31 14:31:26 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Identities
[2010.08.31 18:29:45 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\InstallShield
[2010.11.01 19:42:54 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Jpeg Resampler
[2010.09.19 21:01:09 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks
[2010.11.05 23:10:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Leadertech
[2010.11.10 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Logitech
[2010.08.31 14:50:02 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Macromedia
[2011.07.27 20:52:02 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Media Center Programs
[2011.07.31 22:09:05 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Media Player Classic
[2011.07.31 12:38:15 | 000,000,000 | --SD | M] -- C:\Users\ROMAN\AppData\Roaming\Microsoft
[2010.09.15 07:54:11 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Mozilla
[2010.09.05 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\NCH Swift Sound
[2010.09.01 10:27:08 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Nero
[2011.05.27 08:05:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Nokia
[2010.11.07 23:25:38 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Opera
[2011.05.27 08:05:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PC Suite
[2010.09.17 20:30:13 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PDF reDirect
[2011.04.12 22:07:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PeaZip
[2010.09.05 22:23:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PowerCinema
[2010.10.20 21:36:12 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PSpad
[2011.10.04 20:49:41 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\QIP
[2011.08.28 17:10:44 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Real
[2010.09.03 23:45:26 | 000,000,000 | RH-D | M] -- C:\Users\ROMAN\AppData\Roaming\SecuROM
[2011.10.04 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Skype
[2011.10.04 20:57:12 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\skypePM
[2011.08.28 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\SMS posílač Treca
[2010.09.13 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Software602
[2010.09.10 20:11:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\streamripper
[2011.10.06 21:22:36 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2010.10.12 19:54:15 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\U3
[2011.06.18 20:40:28 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\UDC Profiles
[2011.06.08 21:04:51 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Ulead Systems
[2011.06.10 23:02:11 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\uTorrent
[2011.09.19 22:38:05 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\vlc
[2011.08.18 19:44:33 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\VSRevoGroup
[2011.10.12 21:58:56 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Winamp
[2010.08.31 18:00:59 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.05.05 22:10:22 | 000,628,224 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\GeoGet\script\geojarry\geojarryw.exe
[2010.08.03 09:42:04 | 000,300,400 | ---- | M] (Juniper Networks") -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe
[2010.08.03 09:42:04 | 000,234,864 | ---- | M] (Juniper Networks) -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\dsHostCheckerProxy.exe
[2010.08.03 09:42:06 | 000,157,040 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\InstallHelper.exe
[2010.08.03 09:42:20 | 000,056,072 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\uninstall.exe
[2010.06.03 01:46:12 | 000,132,464 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\dsmmf.exe
[2010.06.03 01:46:12 | 000,497,008 | ---- | M] (Juniper Networks) -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
[2010.06.03 01:45:36 | 000,330,088 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClientOCX.exe
[2010.06.03 01:44:10 | 000,218,232 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupXP.exe
[2010.06.03 01:46:18 | 000,050,840 | ---- | M] (Juniper Networks) -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\uninstall.exe
[2010.11.05 23:10:57 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.09.01 11:13:13 | 000,029,926 | R--- | M] () -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2011.08.05 15:34:41 | 000,001,078 | R--- | M] () -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{B4DBAD3D-84EC-4A99-9E73-37CEDF7A0B86}\_18be6784.exe
[2010.09.10 16:16:50 | 000,010,134 | R--- | M] () -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.05.19 11:06:56 | 000,374,160 | ---- | M] (LogMeIn, Inc.) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardian.exe
[2011.05.16 13:31:42 | 000,070,984 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com\plugins\LMIProxyHelper.exe
[2011.08.28 15:57:38 | 000,000,000 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\SMS posílač Treca\SMSposilac.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\ROMAN\AppData\Roaming\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.10.12 20:57:48 | 000,026,477 | ---- | M] () -- C:\Windows\system32\DTVWizard_LOG.txt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\ROMAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.01.25 22:28:56 | 000,136,176 | ---- | M] (Google Inc.)
"WinFast Schedule" = C:\Program Files\WinFast\WFDTV\WFWIZ.exe -- [2010.06.09 16:25:32 | 002,920,448 | ---- | M] (Leadtek Research Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.12 21:59:39 | 000,000,512 | ---- | M] () MD5=81BD6F795DE86BF90CFC9BC9418B8FD9 -- C:\PhysicalMBR.bin
[2 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2011.01.05 17:45:54 | 004,799,888 | ---- | M] () -- \FIREFOX STAHOVANI\NFSHP2010_Crack.rar
[2011.03.03 19:20:53 | 000,004,328 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\plugins\hoster\CrackedCom.class
[2010.02.21 02:22:00 | 000,000,386 | ---- | M] () -- \Program Files (x86)\GeoGet\distdata\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2001.08.14 19:31:08 | 000,030,054 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2001.08.14 19:31:08 | 000,030,054 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2010.02.21 02:22:00 | 000,000,386 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif.old
[2011.10.10 19:43:07 | 000,000,723 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Microsoft\Windows\Recent\CRACK.lnk
< *keygen* /s >
[2010.09.30 20:57:32 | 000,294,400 | ---- | M] () -- \FIREFOX STAHOVANI\srkeygenu1.exe
< *loader* /s >
[2011.09.21 20:50:41 | 000,997,376 | ---- | M] () -- \FIREFOX STAHOVANI\SRDownloader(2).exe
[2011.02.24 20:40:09 | 000,974,336 | ---- | M] () -- \FIREFOX STAHOVANI\SRDownloader(3).exe
[2011.02.18 20:50:21 | 000,974,336 | ---- | M] () -- \FIREFOX STAHOVANI\SRDownloader.exe
[2009.10.26 22:52:34 | 000,214,528 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\JDownloader.exe
[2011.03.03 19:20:00 | 000,593,293 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\JDownloader.jar
[2011.03.03 19:20:13 | 000,000,100 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\img\hosterlogos\ipauploader.com.png
[2011.03.03 19:20:13 | 000,000,105 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\img\hosterlogos\jdupdateloader.png
[2009.10.07 00:48:58 | 000,000,113 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\img\hosterlogos\uploader.pl.png
[2009.10.01 01:57:04 | 000,003,264 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\plugins\hoster\IPAUploaderCom.class
[2011.03.03 19:20:26 | 000,007,069 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\plugins\hoster\UploaderPl.class
[2009.10.26 22:48:22 | 000,032,222 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\licenses\jdownloader.license
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.05.30 19:57:26 | 000,003,846 | ---- | M] () -- \Program Files (x86)\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A80000000002}\ResourceLoader.class
[2004.02.03 10:27:56 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.03.24 21:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.01.04 19:53:08 | 000,002,945 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\accLoader.ini
[2010.06.26 11:55:30 | 000,111,776 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\VimeoUploader.dll
[2010.06.26 11:55:42 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\de-DE\MediaDownloader.resources.dll
[2010.06.26 11:55:50 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\de-DE\MediaDownloader_Lite.resources.dll
[2010.06.26 11:56:18 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\en-US\MediaDownloader.resources.dll
[2010.06.26 11:56:24 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\en-US\MediaDownloader_Lite.resources.dll
[2010.06.26 11:55:30 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\es-ES\MediaDownloader.resources.dll
[2010.06.26 11:55:42 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\es-ES\MediaDownloader_Lite.resources.dll
[2010.06.26 11:55:30 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\fr-FR\MediaDownloader.resources.dll
[2010.06.26 11:55:34 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\fr-FR\MediaDownloader_Lite.resources.dll
[2010.06.26 11:55:08 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\it-IT\MediaDownloader.resources.dll
[2010.06.26 11:55:20 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\it-IT\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\nl-NL\MediaDownloader.resources.dll
[2010.06.26 11:54:54 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\nl-NL\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:56 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\pl-PL\MediaDownloader.resources.dll
[2010.06.26 11:55:06 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\pl-PL\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\ru-RU\MediaDownloader.resources.dll
[2010.06.26 11:54:54 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\ru-RU\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-CN\MediaDownloader.resources.dll
[2010.06.26 11:54:56 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-CN\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-HK\MediaDownloader.resources.dll
[2010.06.26 11:54:52 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-HK\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:02 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-TW\MediaDownloader.resources.dll
[2010.06.26 11:54:12 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-TW\MediaDownloader_Lite.resources.dll
[2009.12.26 14:08:34 | 000,331,976 | ---- | M] () -- \Program Files (x86)\Corel\MLE\VimeoUploader.dll
[2008.05.16 17:40:58 | 000,010,758 | ---- | M] () -- \Program Files (x86)\CyberLink\PlayMovie\mm\MediaCtrl\ImageLoader.kc
[2008.05.16 17:41:04 | 000,003,475 | ---- | M] () -- \Program Files (x86)\CyberLink\PlayMovie\widget\langloader.kc
[2008.05.16 17:41:04 | 000,012,778 | ---- | M] () -- \Program Files (x86)\CyberLink\PlayMovie\widget\layoutloader.kc
[2008.10.21 15:03:08 | 000,010,481 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\System\KernelCtrl\ImageLoader.kc
[2008.10.21 15:03:08 | 000,009,140 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\System\KernelCtrl\ImageLoader2.kc
[2008.10.21 15:03:08 | 000,003,482 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\Widget\langloader.kc
[2008.10.21 15:03:08 | 000,012,741 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\Widget\layoutloader.kc
[2008.10.23 01:23:04 | 000,011,415 | ---- | M] () -- \Program Files (x86)\CyberLink\TV Enhance\mm\MediaCtrl\ImageLoader.kc
[2008.10.23 01:23:12 | 000,003,492 | ---- | M] () -- \Program Files (x86)\CyberLink\TV Enhance\widget\langloader.kc
[2008.10.23 01:23:12 | 000,012,402 | ---- | M] () -- \Program Files (x86)\CyberLink\TV Enhance\widget\layoutloader.kc
[2009.12.02 12:21:02 | 000,272,776 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\bin\Loader.exe
[2009.09.01 15:30:00 | 000,000,417 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\bin\Loader.exe.manifest
[2008.12.16 12:37:16 | 000,003,614 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\etc\gtk-2.0\gdk-pixbuf.loaders
[2008.12.16 12:17:26 | 000,028,560 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2008.12.16 12:17:22 | 000,027,492 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2008.12.16 12:17:24 | 000,041,827 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2008.12.16 12:17:34 | 000,020,750 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2008.12.16 12:17:26 | 000,027,004 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2008.12.16 12:17:28 | 000,033,364 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2008.12.16 12:17:36 | 000,021,329 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2008.12.16 12:17:20 | 000,035,326 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2008.12.16 12:17:28 | 000,023,528 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2008.12.16 12:17:30 | 000,018,354 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2008.12.16 12:17:34 | 000,023,858 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2008.12.16 12:17:30 | 000,028,334 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2008.12.16 12:17:22 | 000,017,895 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2008.12.16 12:17:32 | 000,023,851 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2008.12.16 12:17:32 | 000,041,060 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.10.29 04:18:36 | 000,003,922 | ---- | M] () -- \Program Files (x86)\EWA net\webapps\EWA-net\WEB-INF\classes\com\hp\tis\ewo\feedback\logic\UserContextLoader.class
[2010.03.31 00:09:18 | 000,003,922 | ---- | M] () -- \Program Files (x86)\EWA net\webapps\EWA-net_1112198948\WEB-INF\classes\com\hp\tis\ewo\feedback\logic\UserContextLoader.class
[2010.12.14 16:19:31 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.jpg
[2010.12.14 16:19:31 | 000,004,089 | ---- | M] () -- \Program Files (x86)\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.swf
[2008.11.30 15:07:49 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.11.30 15:07:49 | 000,004,089 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2010.12.14 16:20:20 | 000,003,479 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2010.12.14 16:19:45 | 000,552,798 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2006.08.16 04:25:58 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue.dds
[2006.08.16 04:25:58 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_bump.dds
[2006.08.16 04:26:00 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_lm.dds
[2006.08.16 04:26:00 | 000,349,648 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_specular.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey_lm.dds
[2006.09.04 21:21:28 | 000,301,367 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderBlue\model\VEH_Air_BagLoaderBlue.mdl
[2006.09.04 21:21:30 | 000,301,815 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderGrey\model\VEH_Air_BagLoaderGrey.mdl
[2011.01.11 16:20:20 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2011.01.11 16:20:22 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2010.12.09 13:10:30 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2010.03.24 21:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.06.21 01:36:54 | 000,017,661 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\JARClassLoader.html
[2011.06.21 01:36:54 | 000,017,254 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\BshClassLoader.html
[2011.06.21 01:36:56 | 000,013,964 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\DiscreteFilesClassLoader.ClassSourceMap.html
[2011.06.21 01:36:54 | 000,016,539 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\DiscreteFilesClassLoader.html
[2011.06.21 01:36:54 | 000,007,473 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\BshClassLoader.html
[2011.06.21 01:36:54 | 000,008,155 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\DiscreteFilesClassLoader.ClassSourceMap.html
[2011.06.21 01:36:54 | 000,005,584 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\DiscreteFilesClassLoader.html
[2011.06.21 01:36:52 | 000,007,116 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\class-use\JARClassLoader.html
[2011.06.21 01:35:38 | 000,003,468 | ---- | M] () -- \Program Files\jEdit\modes\sql-loader.xml
[2011.03.02 12:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.06.23 18:08:48 | 000,034,500 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2011.08.03 16:05:21 | 000,001,361 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010.02.05 14:22:02 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.08.28 17:08:30 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.08.28 17:08:30 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2006.08.05 04:03:36 | 000,005,624 | ---- | M] () -- \RADIO\EnterBootloader.exe
[2010.06.23 18:08:48 | 000,034,500 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2011.08.03 16:05:21 | 000,001,361 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010.02.05 14:22:02 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.08.28 17:08:30 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.08.28 17:08:30 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2011.08.17 21:40:33 | 000,002,116 | ---- | M] () -- \Users\Public\Desktop\MP3 Downloader.lnk
[2010.10.05 21:24:20 | 000,001,186 | ---- | M] () -- \Users\Public\Desktop\Youtube downloader.lnk
[2011.07.30 21:02:24 | 000,178,441 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader(2).err
[2011.09.28 16:44:40 | 000,001,000 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.02.24 20:42:06 | 000,000,816 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader(3).nast
[2011.02.18 20:57:14 | 000,001,261 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader.err
[2011.02.18 20:59:06 | 000,001,048 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader.nast
[2011.08.05 22:20:57 | 000,003,174 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0H1JLN9Q\loader[1].js
[2011.09.12 20:00:00 | 000,000,694 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMX6AD5J\ajax-preloader-bg[1].gif
[2011.08.17 19:41:11 | 000,000,693 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMX6AD5J\downloaderror[1].js
[2011.08.17 19:40:09 | 000,002,545 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RGAVKJIR\ajax-loader3[1].gif
[2011.08.17 19:41:10 | 000,007,879 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RGAVKJIR\bundleloader[1].js
[2011.08.22 18:55:44 | 000,001,737 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RGAVKJIR\loader[1].gif
[2011.08.17 19:31:47 | 000,002,545 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWC0TUIE\ajax-loader3[1].gif
[2011.08.17 19:40:05 | 000,001,423 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWC0TUIE\loader[1].gif
[2011.08.17 19:41:11 | 000,001,174 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\downloader[1].js
[2011.08.17 19:31:42 | 000,006,820 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader66[1].gif
[2011.08.17 19:40:04 | 000,006,820 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader66[2].gif
[2011.08.17 19:31:43 | 000,001,423 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader[1].gif
[2011.08.28 17:09:13 | 000,003,655 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader[1].htm
[2011.08.31 22:10:41 | 000,061,619 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\yuiloader-dom-event[1].js
[2011.02.07 16:43:00 | 000,001,245 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_MT6225_Driver.data
[2011.02.07 16:42:50 | 000,000,830 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_MT6225_Driver.data0
[2011.09.26 21:07:57 | 000,001,043 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Microsoft\Windows\Recent\Henessy.XXX.by.Colly.of.PowerUploaders.lnk
[2011.06.20 14:07:48 | 000,009,767 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\conduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm
[2011.10.02 18:19:32 | 000,010,144 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2011.02.24 20:42:28 | 000,001,083 | ---- | M] () -- \Users\ROMAN\Desktop\SRDownloader - Share rapid.lnk
[2006.06.13 18:27:40 | 000,005,624 | ---- | M] () -- \USPL\EnterBootloader.exe
[2010.09.01 08:03:24 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.10.10 18:54:20 | 000,022,136 | ---- | M] () -- \Windows\Prefetch\ADOBE GAMMA LOADER.EXE-46CBEC9D.pf
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.06 10:27:41 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.06 10:27:41 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.06 10:27:41 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.06 10:27:41 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.06 10:27:41 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.20 14:07:48 | 000,009,767 | ---- | M] () -- \Záloha Firefox 22.8.2011\ls90gvhb.default\conduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm
[2011.07.31 15:50:42 | 000,010,145 | ---- | M] () -- \Záloha Firefox 22.8.2011\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:05B51235
< End of report >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.01.10 21:52:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ABBYY
[2011.09.21 21:41:05 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Adobe
[2011.02.08 11:57:15 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Apple Computer
[2010.09.05 18:49:59 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ArcSoft
[2010.08.31 15:14:57 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ATI
[2011.10.10 19:33:30 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.06.15 21:23:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\BITS
[2011.07.30 20:38:43 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.04 18:48:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Citrix
[2011.06.07 22:13:01 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Corel
[2011.04.15 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\CyberLink
[2010.09.03 23:05:46 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\DAEMON Tools Lite
[2010.09.27 22:33:55 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Download Manager
[2011.06.14 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FileZilla
[2011.03.03 19:08:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGet
[2010.08.31 17:16:48 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\FlashGetBHO
[2011.06.18 23:58:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Free Download Manager
[2011.07.11 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GeoGet
[2011.02.07 16:43:08 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GetRightToGo
[2010.09.01 21:51:29 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\GHISLER
[2010.12.04 18:26:49 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICAClient
[2011.10.04 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\ICQ
[2010.08.31 14:31:26 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Identities
[2010.08.31 18:29:45 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\InstallShield
[2010.11.01 19:42:54 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Jpeg Resampler
[2010.09.19 21:01:09 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks
[2010.11.05 23:10:58 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Leadertech
[2010.11.10 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Logitech
[2010.08.31 14:50:02 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Macromedia
[2011.07.27 20:52:02 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Media Center Programs
[2011.07.31 22:09:05 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Media Player Classic
[2011.07.31 12:38:15 | 000,000,000 | --SD | M] -- C:\Users\ROMAN\AppData\Roaming\Microsoft
[2010.09.15 07:54:11 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Mozilla
[2010.09.05 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\NCH Swift Sound
[2010.09.01 10:27:08 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Nero
[2011.05.27 08:05:39 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Nokia
[2010.11.07 23:25:38 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Opera
[2011.05.27 08:05:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PC Suite
[2010.09.17 20:30:13 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PDF reDirect
[2011.04.12 22:07:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PeaZip
[2010.09.05 22:23:19 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PowerCinema
[2010.10.20 21:36:12 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\PSpad
[2011.10.04 20:49:41 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\QIP
[2011.08.28 17:10:44 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Real
[2010.09.03 23:45:26 | 000,000,000 | RH-D | M] -- C:\Users\ROMAN\AppData\Roaming\SecuROM
[2011.10.04 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Skype
[2011.10.04 20:57:12 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\skypePM
[2011.08.28 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\SMS posílač Treca
[2010.09.13 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Software602
[2010.09.10 20:11:32 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\streamripper
[2011.10.06 21:22:36 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2010.10.12 19:54:15 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\U3
[2011.06.18 20:40:28 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\UDC Profiles
[2011.06.08 21:04:51 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Ulead Systems
[2011.06.10 23:02:11 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\uTorrent
[2011.09.19 22:38:05 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\vlc
[2011.08.18 19:44:33 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\VSRevoGroup
[2011.10.12 21:58:56 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\Winamp
[2010.08.31 18:00:59 | 000,000,000 | ---D | M] -- C:\Users\ROMAN\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.05.05 22:10:22 | 000,628,224 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\GeoGet\script\geojarry\geojarryw.exe
[2010.08.03 09:42:04 | 000,300,400 | ---- | M] (Juniper Networks") -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe
[2010.08.03 09:42:04 | 000,234,864 | ---- | M] (Juniper Networks) -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\dsHostCheckerProxy.exe
[2010.08.03 09:42:06 | 000,157,040 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\InstallHelper.exe
[2010.08.03 09:42:20 | 000,056,072 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Host Checker\uninstall.exe
[2010.06.03 01:46:12 | 000,132,464 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\dsmmf.exe
[2010.06.03 01:46:12 | 000,497,008 | ---- | M] (Juniper Networks) -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
[2010.06.03 01:45:36 | 000,330,088 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClientOCX.exe
[2010.06.03 01:44:10 | 000,218,232 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupXP.exe
[2010.06.03 01:46:18 | 000,050,840 | ---- | M] (Juniper Networks) -- C:\Users\ROMAN\AppData\Roaming\Juniper Networks\Setup Client\uninstall.exe
[2010.11.05 23:10:57 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.09.01 11:13:13 | 000,029,926 | R--- | M] () -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2011.08.05 15:34:41 | 000,001,078 | R--- | M] () -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{B4DBAD3D-84EC-4A99-9E73-37CEDF7A0B86}\_18be6784.exe
[2010.09.10 16:16:50 | 000,010,134 | R--- | M] () -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.05.19 11:06:56 | 000,374,160 | ---- | M] (LogMeIn, Inc.) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardian.exe
[2011.05.16 13:31:42 | 000,070,984 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com\plugins\LMIProxyHelper.exe
[2011.08.28 15:57:38 | 000,000,000 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\SMS posílač Treca\SMSposilac.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\ROMAN\AppData\Roaming\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.10.12 20:57:48 | 000,026,477 | ---- | M] () -- C:\Windows\system32\DTVWizard_LOG.txt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\ROMAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.01.25 22:28:56 | 000,136,176 | ---- | M] (Google Inc.)
"WinFast Schedule" = C:\Program Files\WinFast\WFDTV\WFWIZ.exe -- [2010.06.09 16:25:32 | 002,920,448 | ---- | M] (Leadtek Research Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.12 21:59:39 | 000,000,512 | ---- | M] () MD5=81BD6F795DE86BF90CFC9BC9418B8FD9 -- C:\PhysicalMBR.bin
[2 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2011.01.05 17:45:54 | 004,799,888 | ---- | M] () -- \FIREFOX STAHOVANI\NFSHP2010_Crack.rar
[2011.03.03 19:20:53 | 000,004,328 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\plugins\hoster\CrackedCom.class
[2010.02.21 02:22:00 | 000,000,386 | ---- | M] () -- \Program Files (x86)\GeoGet\distdata\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2001.08.14 19:31:08 | 000,030,054 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2001.08.14 19:31:08 | 000,030,054 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2010.02.21 02:22:00 | 000,000,386 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif.old
[2011.10.10 19:43:07 | 000,000,723 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Microsoft\Windows\Recent\CRACK.lnk
< *keygen* /s >
[2010.09.30 20:57:32 | 000,294,400 | ---- | M] () -- \FIREFOX STAHOVANI\srkeygenu1.exe
< *loader* /s >
[2011.09.21 20:50:41 | 000,997,376 | ---- | M] () -- \FIREFOX STAHOVANI\SRDownloader(2).exe
[2011.02.24 20:40:09 | 000,974,336 | ---- | M] () -- \FIREFOX STAHOVANI\SRDownloader(3).exe
[2011.02.18 20:50:21 | 000,974,336 | ---- | M] () -- \FIREFOX STAHOVANI\SRDownloader.exe
[2009.10.26 22:52:34 | 000,214,528 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\JDownloader.exe
[2011.03.03 19:20:00 | 000,593,293 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\JDownloader.jar
[2011.03.03 19:20:13 | 000,000,100 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\img\hosterlogos\ipauploader.com.png
[2011.03.03 19:20:13 | 000,000,105 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\img\hosterlogos\jdupdateloader.png
[2009.10.07 00:48:58 | 000,000,113 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\img\hosterlogos\uploader.pl.png
[2009.10.01 01:57:04 | 000,003,264 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\plugins\hoster\IPAUploaderCom.class
[2011.03.03 19:20:26 | 000,007,069 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\jd\plugins\hoster\UploaderPl.class
[2009.10.26 22:48:22 | 000,032,222 | ---- | M] () -- \FIREFOX STAHOVANI\JDownloader\JDownloader 0.9.310\licenses\jdownloader.license
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.05.30 19:57:26 | 000,003,846 | ---- | M] () -- \Program Files (x86)\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A80000000002}\ResourceLoader.class
[2004.02.03 10:27:56 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.03.24 21:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.01.04 19:53:08 | 000,002,945 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\accLoader.ini
[2010.06.26 11:55:30 | 000,111,776 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\VimeoUploader.dll
[2010.06.26 11:55:42 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\de-DE\MediaDownloader.resources.dll
[2010.06.26 11:55:50 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\de-DE\MediaDownloader_Lite.resources.dll
[2010.06.26 11:56:18 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\en-US\MediaDownloader.resources.dll
[2010.06.26 11:56:24 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\en-US\MediaDownloader_Lite.resources.dll
[2010.06.26 11:55:30 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\es-ES\MediaDownloader.resources.dll
[2010.06.26 11:55:42 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\es-ES\MediaDownloader_Lite.resources.dll
[2010.06.26 11:55:30 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\fr-FR\MediaDownloader.resources.dll
[2010.06.26 11:55:34 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\fr-FR\MediaDownloader_Lite.resources.dll
[2010.06.26 11:55:08 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\it-IT\MediaDownloader.resources.dll
[2010.06.26 11:55:20 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\it-IT\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\nl-NL\MediaDownloader.resources.dll
[2010.06.26 11:54:54 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\nl-NL\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:56 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\pl-PL\MediaDownloader.resources.dll
[2010.06.26 11:55:06 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\pl-PL\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\ru-RU\MediaDownloader.resources.dll
[2010.06.26 11:54:54 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\ru-RU\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-CN\MediaDownloader.resources.dll
[2010.06.26 11:54:56 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-CN\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:44 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-HK\MediaDownloader.resources.dll
[2010.06.26 11:54:52 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-HK\MediaDownloader_Lite.resources.dll
[2010.06.26 11:54:02 | 000,110,752 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-TW\MediaDownloader.resources.dll
[2010.06.26 11:54:12 | 000,013,472 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Pro X3\zh-TW\MediaDownloader_Lite.resources.dll
[2009.12.26 14:08:34 | 000,331,976 | ---- | M] () -- \Program Files (x86)\Corel\MLE\VimeoUploader.dll
[2008.05.16 17:40:58 | 000,010,758 | ---- | M] () -- \Program Files (x86)\CyberLink\PlayMovie\mm\MediaCtrl\ImageLoader.kc
[2008.05.16 17:41:04 | 000,003,475 | ---- | M] () -- \Program Files (x86)\CyberLink\PlayMovie\widget\langloader.kc
[2008.05.16 17:41:04 | 000,012,778 | ---- | M] () -- \Program Files (x86)\CyberLink\PlayMovie\widget\layoutloader.kc
[2008.10.21 15:03:08 | 000,010,481 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\System\KernelCtrl\ImageLoader.kc
[2008.10.21 15:03:08 | 000,009,140 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\System\KernelCtrl\ImageLoader2.kc
[2008.10.21 15:03:08 | 000,003,482 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\Widget\langloader.kc
[2008.10.21 15:03:08 | 000,012,741 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerCinema\Widget\layoutloader.kc
[2008.10.23 01:23:04 | 000,011,415 | ---- | M] () -- \Program Files (x86)\CyberLink\TV Enhance\mm\MediaCtrl\ImageLoader.kc
[2008.10.23 01:23:12 | 000,003,492 | ---- | M] () -- \Program Files (x86)\CyberLink\TV Enhance\widget\langloader.kc
[2008.10.23 01:23:12 | 000,012,402 | ---- | M] () -- \Program Files (x86)\CyberLink\TV Enhance\widget\layoutloader.kc
[2009.12.02 12:21:02 | 000,272,776 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\bin\Loader.exe
[2009.09.01 15:30:00 | 000,000,417 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\bin\Loader.exe.manifest
[2008.12.16 12:37:16 | 000,003,614 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\etc\gtk-2.0\gdk-pixbuf.loaders
[2008.12.16 12:17:26 | 000,028,560 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2008.12.16 12:17:22 | 000,027,492 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2008.12.16 12:17:24 | 000,041,827 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2008.12.16 12:17:34 | 000,020,750 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2008.12.16 12:17:26 | 000,027,004 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2008.12.16 12:17:28 | 000,033,364 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2008.12.16 12:17:36 | 000,021,329 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2008.12.16 12:17:20 | 000,035,326 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2008.12.16 12:17:28 | 000,023,528 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2008.12.16 12:17:30 | 000,018,354 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2008.12.16 12:17:34 | 000,023,858 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2008.12.16 12:17:30 | 000,028,334 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2008.12.16 12:17:22 | 000,017,895 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2008.12.16 12:17:32 | 000,023,851 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2008.12.16 12:17:32 | 000,041,060 | ---- | M] () -- \Program Files (x86)\EASEUS\EASEUS Todo Backup 1.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.10.29 04:18:36 | 000,003,922 | ---- | M] () -- \Program Files (x86)\EWA net\webapps\EWA-net\WEB-INF\classes\com\hp\tis\ewo\feedback\logic\UserContextLoader.class
[2010.03.31 00:09:18 | 000,003,922 | ---- | M] () -- \Program Files (x86)\EWA net\webapps\EWA-net_1112198948\WEB-INF\classes\com\hp\tis\ewo\feedback\logic\UserContextLoader.class
[2010.12.14 16:19:31 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.jpg
[2010.12.14 16:19:31 | 000,004,089 | ---- | M] () -- \Program Files (x86)\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.swf
[2008.11.30 15:07:49 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.11.30 15:07:49 | 000,004,089 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2010.12.14 16:20:20 | 000,003,479 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2010.12.14 16:19:45 | 000,552,798 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2006.08.16 04:25:58 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue.dds
[2006.08.16 04:25:58 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_bump.dds
[2006.08.16 04:26:00 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_lm.dds
[2006.08.16 04:26:00 | 000,349,648 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_specular.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey_lm.dds
[2006.09.04 21:21:28 | 000,301,367 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderBlue\model\VEH_Air_BagLoaderBlue.mdl
[2006.09.04 21:21:30 | 000,301,815 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderGrey\model\VEH_Air_BagLoaderGrey.mdl
[2011.01.11 16:20:20 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2011.01.11 16:20:22 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2010.12.09 13:10:30 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2010.03.24 21:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.06.21 01:36:54 | 000,017,661 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\JARClassLoader.html
[2011.06.21 01:36:54 | 000,017,254 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\BshClassLoader.html
[2011.06.21 01:36:56 | 000,013,964 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\DiscreteFilesClassLoader.ClassSourceMap.html
[2011.06.21 01:36:54 | 000,016,539 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\DiscreteFilesClassLoader.html
[2011.06.21 01:36:54 | 000,007,473 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\BshClassLoader.html
[2011.06.21 01:36:54 | 000,008,155 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\DiscreteFilesClassLoader.ClassSourceMap.html
[2011.06.21 01:36:54 | 000,005,584 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\DiscreteFilesClassLoader.html
[2011.06.21 01:36:52 | 000,007,116 | ---- | M] () -- \Program Files\jEdit\doc\api\org\gjt\sp\jedit\class-use\JARClassLoader.html
[2011.06.21 01:35:38 | 000,003,468 | ---- | M] () -- \Program Files\jEdit\modes\sql-loader.xml
[2011.03.02 12:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.06.23 18:08:48 | 000,034,500 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2011.08.03 16:05:21 | 000,001,361 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010.02.05 14:22:02 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.08.28 17:08:30 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.08.28 17:08:30 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2006.08.05 04:03:36 | 000,005,624 | ---- | M] () -- \RADIO\EnterBootloader.exe
[2010.06.23 18:08:48 | 000,034,500 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2011.08.03 16:05:21 | 000,001,361 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2010.02.05 14:22:02 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.08.28 17:08:30 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.08.28 17:08:30 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2011.08.17 21:40:33 | 000,002,116 | ---- | M] () -- \Users\Public\Desktop\MP3 Downloader.lnk
[2010.10.05 21:24:20 | 000,001,186 | ---- | M] () -- \Users\Public\Desktop\Youtube downloader.lnk
[2011.07.30 21:02:24 | 000,178,441 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader(2).err
[2011.09.28 16:44:40 | 000,001,000 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.02.24 20:42:06 | 000,000,816 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader(3).nast
[2011.02.18 20:57:14 | 000,001,261 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader.err
[2011.02.18 20:59:06 | 000,001,048 | ---- | M] () -- \Users\ROMAN\AppData\Local\SRDownloader.nast
[2011.08.05 22:20:57 | 000,003,174 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0H1JLN9Q\loader[1].js
[2011.09.12 20:00:00 | 000,000,694 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMX6AD5J\ajax-preloader-bg[1].gif
[2011.08.17 19:41:11 | 000,000,693 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMX6AD5J\downloaderror[1].js
[2011.08.17 19:40:09 | 000,002,545 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RGAVKJIR\ajax-loader3[1].gif
[2011.08.17 19:41:10 | 000,007,879 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RGAVKJIR\bundleloader[1].js
[2011.08.22 18:55:44 | 000,001,737 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RGAVKJIR\loader[1].gif
[2011.08.17 19:31:47 | 000,002,545 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWC0TUIE\ajax-loader3[1].gif
[2011.08.17 19:40:05 | 000,001,423 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWC0TUIE\loader[1].gif
[2011.08.17 19:41:11 | 000,001,174 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\downloader[1].js
[2011.08.17 19:31:42 | 000,006,820 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader66[1].gif
[2011.08.17 19:40:04 | 000,006,820 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader66[2].gif
[2011.08.17 19:31:43 | 000,001,423 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader[1].gif
[2011.08.28 17:09:13 | 000,003,655 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\loader[1].htm
[2011.08.31 22:10:41 | 000,061,619 | ---- | M] () -- \Users\ROMAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKZ4QUUD\yuiloader-dom-event[1].js
[2011.02.07 16:43:00 | 000,001,245 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_MT6225_Driver.data
[2011.02.07 16:42:50 | 000,000,830 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_MT6225_Driver.data0
[2011.09.26 21:07:57 | 000,001,043 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Microsoft\Windows\Recent\Henessy.XXX.by.Colly.of.PowerUploaders.lnk
[2011.06.20 14:07:48 | 000,009,767 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\conduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm
[2011.10.02 18:19:32 | 000,010,144 | ---- | M] () -- \Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2011.02.24 20:42:28 | 000,001,083 | ---- | M] () -- \Users\ROMAN\Desktop\SRDownloader - Share rapid.lnk
[2006.06.13 18:27:40 | 000,005,624 | ---- | M] () -- \USPL\EnterBootloader.exe
[2010.09.01 08:03:24 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.10.10 18:54:20 | 000,022,136 | ---- | M] () -- \Windows\Prefetch\ADOBE GAMMA LOADER.EXE-46CBEC9D.pf
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.06 10:27:41 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.06 10:27:41 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.06 10:27:41 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.06 10:27:41 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.06 10:27:41 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.20 14:07:48 | 000,009,767 | ---- | M] () -- \Záloha Firefox 22.8.2011\ls90gvhb.default\conduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm
[2011.07.31 15:50:42 | 000,010,145 | ---- | M] () -- \Záloha Firefox 22.8.2011\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:05B51235
< End of report >
-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
DRUHY LOG:::
OTL Extras logfile created on: 12.10.2011 21:56:30 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ROMAN\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 46,88% Memory free
7,99 Gb Paging File | 5,62 Gb Available in Paging File | 70,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,21 Gb Total Space | 16,31 Gb Free Space | 8,76% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 67,27 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive F: | 541,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ROMAN-PC | User Name: ROMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [RapidShareManagerEmail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [RapidShareManagerEmail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\FIREFOX STAHOVANI\facebook-pic000934519.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\FIREFOX STAHOVANI\facebook-pic000934519.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08347912-0AA5-C85E-BC02-416568E741B4}" = AMD Drag and Drop Transcoding
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5783F2D7-A001-0405-0102-0060B0CE6BBA}" = AutoCAD 2012 - Czech
"{5783F2D7-A001-0405-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Czech
"{5B5E6281-BF1A-EA70-E567-C92227254011}" = ATI AVIVO64 Codecs
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{897BE4A7-682B-7375-BBAF-05A44FC2B524}" = ATI Catalyst Install Manager
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{914C25C6-603C-16C9-BE33-8A09E5632350}" = ccc-utility64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Jazykový balíček modulu plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6246243-CF06-4E40-8A37-C3B537695C36}" = Share64
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Jazykový balíček Autodesk Inventor Fusion 2012
"1F83630F1D96893C47BCF19B627F1BBA13E0DAF7" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam (06/21/2007 2.2.0.0)
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"AutoCAD 2012 - Czech" = AutoCAD 2012 - Czech
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"D4D93CD19C3E3B78F95D0606CD187BDE3317187F" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. (OlyUsbCam) OlyUsbCam (12/28/2006 1.0.0.0)
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443" = Balíček ovladače systému Windows - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"jEdit_is1" = jEdit 4.4.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"ProgDVB" = ProgDVB
"WinPdf Writer" = WinPdf Writer
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3
"{00989200-325C-4910-8D7C-708529685D64}" = EWA_net_WIS_CaseOnline_Importer
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12444FB2-997D-7BB2-0CEB-453E31307929}" = ccc-core-static
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{16E72583-459E-428C-B4E7-C2CC4538FFED}" = WinPDF Writer
"{18AEB406-A211-415B-8A71-BDE6CBDD734C}" = OLYMPUS Studio 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25011E2E-7539-4297-B240-B3EC25ABDBE8}" = Image Retriever 6
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{278DB2A0-512A-4555-8BA0-C5D65E9DDC79}" = EWA_net_Client_Applications
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = Codec-TS SDK
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (FORDECATDB)
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{42ACCB45-3363-47E0-94E9-F0074CC8BC56}" = Citrix Presentation Server Client
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51399947-35EF-10B8-FC7F-0D435C701A2D}" = Catalyst Control Center InstallProxy
"{51AA8C3F-B316-44A8-B371-4BB6047E45DF}" = WSC Real 09
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64D24CA4-3E42-460A-B4C7-FB7A1CE1C629}" = VAG Info System
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6DFC4B13-4489-4A59-AF95-12628A86FA76}" = 602PC SUITE
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{707790EF-9E51-1548-F90C-57B38065F38C}" = Catalyst Control Center Graphics Previews Vista
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7A997C02-81D4-4FEC-9C1C-F916611F8360}" = EWA_net_EPC
"{7AAD7C98-F146-4E68-906F-1C18DA3F9F8C}_is1" = Čeština pro iTunes 8.1.0.52
"{7B5999EE-F2DD-4677-675D-51F11C6F6181}" = Catalyst Control Center Graphics Previews Common
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{867AE74B-855F-4ABD-BCA1-7B4C0ECF2DD9}" = FlashCatcher
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A68C62E8-B243-4777-89BB-12173DFA1D45}" = OLYMPUS Digital Camera Updater
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 7.0 Professional Edition
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{AE096DBF-8878-6943-3858-7EE9D54D70B7}" = CCC Help English
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = TT-SB SDK
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4DBAD3D-84EC-4A99-9E73-37CEDF7A0B86}" = Xml Viewer
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0F1D697-0C8F-4563-A406-830AE52BCE65}" = EWA_net_WIS
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CEEFD1AB-501F-4587-B0C9-A27A38FBBD5A}" = Cerberus FTP Server
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D78A1468-84FD-4226-BB33-713A7EBE3028}" = Document_Installer
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E68C5783-A1E6-4D4C-83D4-99DD470F3D94}" = EWA_net_Server
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup
"{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F41852C7-939E-49A3-A5A7-5E3A81C32A8B}" = EWA_net_Core
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F49AFE1E-A8F1-4764-9138-C82C8E617E2B}" = EWA_net_Admin
"{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents
"{F8423392-2296-4748-9B66-344432459632}" = PureHD
"{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share
"{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"6103-4188-8184-5707" = RapidShare Manager 2
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Airbus Series Vol.1 (FS X)" = Airbus Series Vol.1 (FS X)
"Alcohol 120%" = Alcohol 120% 2.0.1.2033 XCV Edition
"All ATI Software" = ATI - Software Uninstall Utility
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.64.43
"Back4Win_is1" = Back4Win
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"DreamCom SE_is1" = DreamCom SE 1.3
"Duke Nukem 3D (engine EDuke32 with HRP Update 4.0)" = Duke Nukem 3D (engine EDuke32 with HRP Update 4.0)
"DVBViewer Pro_is1" = DVBViewer Pro
"DynGate" = DynGate
"EASEUS Todo Backup 1.1_is1" = EASEUS Todo Backup 1.1
"eLearn 1.2.1_is1" = eLearn CDROM 1.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"EWA net" = EWA net
"FlashGet(JetCar)" = FlashGet(JetCar)
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"FormatFactory" = FormatFactory 2.70
"Free Download Manager_is1" = Free Download Manager 3.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FS Global 2010" = FS Global 2010
"GeoGet_is1" = GeoGet 2.5.13.628
"HaaliMkx" = Haali Media Splitter
"HD Tune_is1" = HD Tune 2.50
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"itrafficmonitor_is1" = iTraffic Monitor v1.0
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Memory Max_is1" = Memory Max ver. 1.4
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 11.50.1074" = Opera 11.50
"PaperlessPrinter_is1" = PaperlessPrinter version 4.0
"PapíííClock_is1" = PapíííClock 1.2
"PDF reDirect" = PDF reDirect (remove only)
"PHARAOHEDITOR_is1" = MAX's HTML Beauty++ 2004
"PSPad editor_is1" = PSPad editor
"rajče.net_is1" = rajče verze 58 sestavení 212
"RealPlayer 12.0" = RealPlayer
"Resco Explorer" = Resco Explorer
"Revo Uninstaller" = Revo Uninstaller 1.93
"ScreenVirtuoso Pro 2.00_is1" = ScreenVirtuoso Pro 2.00
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Streamripper" = Streamripper (Remove only)
"TeamViewer" = TeamViewer
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"UPsani" = Učitel psaní
"uTorrent" = µTorrent
"VB6Files" = VB6Files
"VCDS Beta 11.2" = VCDS Beta 11.2.0
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Xerox Phaser 6110MFP" = Xerox Phaser 6110MFP
"XML Marker_is1" = XML Marker version 1.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"A380v2 (FSX)" = A380v2 (FSX)
"Airbus Series Vol.2 (FS X)" = Airbus Series Vol.2 (FS X)
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"QIP 2005" = QIP 2005 8095
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
OTL Extras logfile created on: 12.10.2011 21:56:30 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ROMAN\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 46,88% Memory free
7,99 Gb Paging File | 5,62 Gb Available in Paging File | 70,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,21 Gb Total Space | 16,31 Gb Free Space | 8,76% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 67,27 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive F: | 541,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ROMAN-PC | User Name: ROMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [RapidShareManagerEmail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [RapidShareManagerEmail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\FIREFOX STAHOVANI\facebook-pic000934519.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\FIREFOX STAHOVANI\facebook-pic000934519.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08347912-0AA5-C85E-BC02-416568E741B4}" = AMD Drag and Drop Transcoding
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5783F2D7-A001-0405-0102-0060B0CE6BBA}" = AutoCAD 2012 - Czech
"{5783F2D7-A001-0405-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Czech
"{5B5E6281-BF1A-EA70-E567-C92227254011}" = ATI AVIVO64 Codecs
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{897BE4A7-682B-7375-BBAF-05A44FC2B524}" = ATI Catalyst Install Manager
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{914C25C6-603C-16C9-BE33-8A09E5632350}" = ccc-utility64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Jazykový balíček modulu plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6246243-CF06-4E40-8A37-C3B537695C36}" = Share64
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Jazykový balíček Autodesk Inventor Fusion 2012
"1F83630F1D96893C47BCF19B627F1BBA13E0DAF7" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam (06/21/2007 2.2.0.0)
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"AutoCAD 2012 - Czech" = AutoCAD 2012 - Czech
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"D4D93CD19C3E3B78F95D0606CD187BDE3317187F" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. (OlyUsbCam) OlyUsbCam (12/28/2006 1.0.0.0)
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443" = Balíček ovladače systému Windows - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"jEdit_is1" = jEdit 4.4.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"ProgDVB" = ProgDVB
"WinPdf Writer" = WinPdf Writer
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3
"{00989200-325C-4910-8D7C-708529685D64}" = EWA_net_WIS_CaseOnline_Importer
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12444FB2-997D-7BB2-0CEB-453E31307929}" = ccc-core-static
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{16E72583-459E-428C-B4E7-C2CC4538FFED}" = WinPDF Writer
"{18AEB406-A211-415B-8A71-BDE6CBDD734C}" = OLYMPUS Studio 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25011E2E-7539-4297-B240-B3EC25ABDBE8}" = Image Retriever 6
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{278DB2A0-512A-4555-8BA0-C5D65E9DDC79}" = EWA_net_Client_Applications
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = Codec-TS SDK
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (FORDECATDB)
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{42ACCB45-3363-47E0-94E9-F0074CC8BC56}" = Citrix Presentation Server Client
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51399947-35EF-10B8-FC7F-0D435C701A2D}" = Catalyst Control Center InstallProxy
"{51AA8C3F-B316-44A8-B371-4BB6047E45DF}" = WSC Real 09
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64D24CA4-3E42-460A-B4C7-FB7A1CE1C629}" = VAG Info System
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6DFC4B13-4489-4A59-AF95-12628A86FA76}" = 602PC SUITE
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{707790EF-9E51-1548-F90C-57B38065F38C}" = Catalyst Control Center Graphics Previews Vista
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7A997C02-81D4-4FEC-9C1C-F916611F8360}" = EWA_net_EPC
"{7AAD7C98-F146-4E68-906F-1C18DA3F9F8C}_is1" = Čeština pro iTunes 8.1.0.52
"{7B5999EE-F2DD-4677-675D-51F11C6F6181}" = Catalyst Control Center Graphics Previews Common
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{867AE74B-855F-4ABD-BCA1-7B4C0ECF2DD9}" = FlashCatcher
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A68C62E8-B243-4777-89BB-12173DFA1D45}" = OLYMPUS Digital Camera Updater
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 7.0 Professional Edition
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{AE096DBF-8878-6943-3858-7EE9D54D70B7}" = CCC Help English
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = TT-SB SDK
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4DBAD3D-84EC-4A99-9E73-37CEDF7A0B86}" = Xml Viewer
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0F1D697-0C8F-4563-A406-830AE52BCE65}" = EWA_net_WIS
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CEEFD1AB-501F-4587-B0C9-A27A38FBBD5A}" = Cerberus FTP Server
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D78A1468-84FD-4226-BB33-713A7EBE3028}" = Document_Installer
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E68C5783-A1E6-4D4C-83D4-99DD470F3D94}" = EWA_net_Server
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup
"{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F41852C7-939E-49A3-A5A7-5E3A81C32A8B}" = EWA_net_Core
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F49AFE1E-A8F1-4764-9138-C82C8E617E2B}" = EWA_net_Admin
"{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents
"{F8423392-2296-4748-9B66-344432459632}" = PureHD
"{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share
"{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"6103-4188-8184-5707" = RapidShare Manager 2
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Airbus Series Vol.1 (FS X)" = Airbus Series Vol.1 (FS X)
"Alcohol 120%" = Alcohol 120% 2.0.1.2033 XCV Edition
"All ATI Software" = ATI - Software Uninstall Utility
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.64.43
"Back4Win_is1" = Back4Win
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"DreamCom SE_is1" = DreamCom SE 1.3
"Duke Nukem 3D (engine EDuke32 with HRP Update 4.0)" = Duke Nukem 3D (engine EDuke32 with HRP Update 4.0)
"DVBViewer Pro_is1" = DVBViewer Pro
"DynGate" = DynGate
"EASEUS Todo Backup 1.1_is1" = EASEUS Todo Backup 1.1
"eLearn 1.2.1_is1" = eLearn CDROM 1.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"EWA net" = EWA net
"FlashGet(JetCar)" = FlashGet(JetCar)
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"FormatFactory" = FormatFactory 2.70
"Free Download Manager_is1" = Free Download Manager 3.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FS Global 2010" = FS Global 2010
"GeoGet_is1" = GeoGet 2.5.13.628
"HaaliMkx" = Haali Media Splitter
"HD Tune_is1" = HD Tune 2.50
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"itrafficmonitor_is1" = iTraffic Monitor v1.0
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Memory Max_is1" = Memory Max ver. 1.4
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 11.50.1074" = Opera 11.50
"PaperlessPrinter_is1" = PaperlessPrinter version 4.0
"PapíííClock_is1" = PapíííClock 1.2
"PDF reDirect" = PDF reDirect (remove only)
"PHARAOHEDITOR_is1" = MAX's HTML Beauty++ 2004
"PSPad editor_is1" = PSPad editor
"rajče.net_is1" = rajče verze 58 sestavení 212
"RealPlayer 12.0" = RealPlayer
"Resco Explorer" = Resco Explorer
"Revo Uninstaller" = Revo Uninstaller 1.93
"ScreenVirtuoso Pro 2.00_is1" = ScreenVirtuoso Pro 2.00
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Streamripper" = Streamripper (Remove only)
"TeamViewer" = TeamViewer
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"UPsani" = Učitel psaní
"uTorrent" = µTorrent
"VB6Files" = VB6Files
"VCDS Beta 11.2" = VCDS Beta 11.2.0
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Xerox Phaser 6110MFP" = Xerox Phaser 6110MFP
"XML Marker_is1" = XML Marker version 1.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"A380v2 (FSX)" = A380v2 (FSX)
"Airbus Series Vol.2 (FS X)" = Airbus Series Vol.2 (FS X)
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"QIP 2005" = QIP 2005 8095
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Re: Prosím o kontrolu logu WIN7_64BIT
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\XXX\XXX bodyparts IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383 IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: " " FF - prefs.js..browser.search.order.1: "Ask.com" [2011.10.12 21:17:44 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2011.06.09 21:02:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com 2011.08.18 11:06:11 | 000,002,396 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\askcom.xml [2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml [2011.10.12 21:13:41 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml [2010.04.04 20:43:16 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml [2010.06.24 20:51:50 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml [2010.06.29 17:55:56 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml [2010.07.23 22:53:08 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml [2010.07.26 18:52:32 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml [2010.09.15 09:38:38 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml [2010.03.23 10:52:40 | 000,000,944 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml [2009.12.10 14:05:14 | 000,002,061 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml CHR - default_search_provider: search_url = http://search.qip.ru/search/?query={searchTerms}&from=os O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O15 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] [22 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ] [3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "SwitchBoard"=- "TkBellExe"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\FIREFOX STAHOVANI\facebook-pic000934519.exe"=- :files c:\FIREFOX STAHOVANI\NFSHP2010_Crack.rar C:\FIREFOX STAHOVANI\facebook-pic000934519.exe c:\windows\nvsvc32.exe C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
OTL logfile created on: 13.10.2011 21:54:22 - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ROMAN\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 42,80% Memory free
7,99 Gb Paging File | 5,44 Gb Available in Paging File | 68,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,21 Gb Total Space | 15,90 Gb Free Space | 8,54% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 67,26 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive G: | 15,03 Gb Total Space | 6,03 Gb Free Space | 40,11% Space Free | Partition Type: NTFS
Computer Name: ROMAN-PC | User Name: ROMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.10.13 19:01:25 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe
PRC - [2011.10.13 19:01:24 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe
PRC - [2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
PRC - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.08.28 17:07:48 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010.06.09 16:25:32 | 002,920,448 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2010.06.09 13:53:26 | 000,101,888 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2010.05.07 19:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009.09.10 10:34:12 | 007,322,624 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
PRC - [2009.09.09 17:02:26 | 006,060,032 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2009.08.19 19:12:08 | 001,043,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.06.19 19:31:38 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2009.04.22 14:44:12 | 000,942,080 | ---- | M] (Charles DeWeese) -- C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
PRC - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009.02.06 17:02:16 | 000,170,496 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
PRC - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe
PRC - [2008.04.04 14:37:50 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.13 19:01:24 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox 3\mozjs.dll
MOD - [2011.09.26 18:19:22 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.06.17 10:50:19 | 003,940,352 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
MOD - [2010.05.03 10:07:14 | 000,073,728 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
MOD - [2009.08.27 19:41:46 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2009.08.27 19:41:46 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2009.05.22 14:16:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.04.22 20:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsusService.dll
MOD - [2009.04.01 14:07:12 | 000,303,188 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
MOD - [2008.12.10 20:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
MOD - [2008.12.02 11:04:26 | 000,007,680 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\WIZLANGCZE.dll
MOD - [2006.01.10 10:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.10.09 21:27:51 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.08.04 03:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.05.07 19:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.07 19:00:59 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2011.10.07 19:00:53 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) [Auto | Running] -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe -- (Cerberus FTP Server)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.11.08 13:04:18 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc) TVEnhance Background Capture Service (TBCS)
SRV - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched) TVEnhance Task Scheduler (TTS))
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe -- (EWA net DB WIS)
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe -- (EWA net DB Core)
SRV - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe -- (EWA net DB EPC)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe -- (EWA net Server)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.03.30 19:14:07 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.08.31 15:11:07 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.04 03:15:44 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.08.03 09:23:04 | 000,100,472 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_650_16339.SYS -- (NEOFLTR_650_16339) Juniper Networks TDI Filter Driver (NEOFLTR_650_16339)
DRV:64bit: - [2010.07.27 10:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam C160(UVC)
DRV:64bit: - [2010.07.27 10:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010.07.27 10:11:38 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010.07.15 14:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.01.27 12:22:02 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010.01.27 12:21:36 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2009.12.02 12:20:56 | 000,137,608 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EuDisk.sys -- (EuDisk)
DRV:64bit: - [2009.10.21 18:33:02 | 000,474,240 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV:64bit: - [2009.10.19 05:32:40 | 000,511,232 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF35.sys -- (AVerAF35)
DRV:64bit: - [2009.07.18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.13 07:34:38 | 000,344,592 | ---- | M] (TechniSat Provide) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MtsBda.sys -- (MTSBDA)
DRV:64bit: - [2009.07.10 05:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005.09.09 06:02:29 | 000,047,104 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2010.01.27 12:22:02 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009.12.02 12:21:00 | 000,026,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eufs.sys -- (EUFS)
DRV - [2009.12.02 12:20:58 | 000,017,800 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2009.12.02 12:20:56 | 000,030,600 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.05.16 17:41:28 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004.12.23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004.08.11 08:39:38 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\DGIVECP.SYS -- (DgiVecp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\XXX\XXX bodyparts
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "file://///WL-500GPV2/part0/intra/index.html"
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 3\components [2011.10.13 19:01:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 3\plugins [2011.08.28 17:08:53 | 000,000,000 | ---D | M]
[2010.09.15 07:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Extensions
[2011.10.13 21:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions
[2011.10.13 21:17:47 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.06.09 21:02:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com
[2011.08.27 23:54:15 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\firefox@tvunetworks.com
[2011.07.03 16:44:55 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com
[2011.04.23 19:01:31 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\maps@ovi.com
[2011.08.18 11:06:11 | 000,002,396 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\askcom.xml
[2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml
[2011.10.12 21:13:41 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml
[2010.04.04 20:43:16 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml
[2010.06.24 20:51:50 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml
[2010.06.29 17:55:56 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml
[2010.07.23 22:53:08 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml
[2010.07.26 18:52:32 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml
[2010.09.15 09:38:38 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml
[2010.03.23 10:52:40 | 000,000,944 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml
[2009.12.10 14:05:14 | 000,002,061 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
========== Chrome ==========
CHR - default_search_provider: QIP Search (Enabled)
CHR - default_search_provider: search_url = http://search.qip.ru/search/?query={sea ... s}&from=os
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: CacheList = C:\Users\ROMAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa\1.1.4_1\
O1 HOSTS File: ([2011.08.31 21:07:57 | 000,000,191 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (SnapFlash Class) - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll (justDo Software)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [iTraffic Monitor] C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe (Charles DeWeese)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8:64bit: - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8:64bit: - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra 'Tools' menuitem : Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {0427F569-3D57-4F10-B9FB-8D71A6A7BE24} file:///C:/Users/ROMAN/AppData/Local/Temp/KJPL60/frmeditor.ocx (FormelEditor Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5F14682-7CF1-4ACC-AB77-273B148D4CB8}: DhcpNameServer = 10.0.0.138 10.0.0.50
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.13 19:00:52 | 000,000,000 | ---D | M] - G:\Autocad 2012 32bit -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.10.12 23:42:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.12 23:41:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.10.12 23:41:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.10.12 23:41:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.10.12 23:41:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.10.12 23:41:22 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.10.12 23:41:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.10.12 23:41:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.10.12 23:41:21 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.10.12 23:41:21 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.10.12 22:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLearn
[2011.10.12 21:54:59 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.12 21:32:22 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.10.12 21:32:22 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.10.12 21:32:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.10.12 21:32:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.10.12 21:27:10 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.10.12 21:27:09 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.10.10 19:33:40 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\cache
[2011.10.09 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Documents\Inventor
[2011.10.09 21:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.10.09 21:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2011.10.09 21:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011.10.09 21:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DynGate
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DynGate
[2011.10.06 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamViewer
[2011.10.06 21:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS
[2011.10.06 21:10:13 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\temp
[2011.10.06 21:02:59 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2011.10.06 21:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011.10.04 21:21:49 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Desktop\certifikaty z posty
[2011.10.04 21:15:39 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Desktop\IPBOX
[2011.10.04 20:49:41 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\QIP
[2011.10.04 20:49:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QIP 2010
[2011.10.04 18:00:06 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Desktop\KARTY 4.10.12
[2011.09.29 19:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2011.09.29 19:13:01 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Documents\WFRCConfig
[2011.09.29 19:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFast PVR2
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.10.13 21:44:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
[2011.10.13 19:52:50 | 000,001,232 | ---- | M] () -- C:\Users\ROMAN\Desktop\final.sec
[2011.10.13 19:51:32 | 000,107,012 | ---- | M] () -- C:\Users\ROMAN\Desktop\majesty2.pdf
[2011.10.13 19:03:25 | 001,719,944 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.13 19:03:25 | 000,718,790 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.10.13 19:03:25 | 000,702,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.13 19:03:25 | 000,160,308 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.10.13 19:03:25 | 000,140,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.13 18:07:59 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.13 18:07:59 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.13 18:07:40 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.10.13 17:57:02 | 005,160,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.13 17:55:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.13 17:54:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.10.13 17:54:42 | 3219,693,568 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.12 22:16:28 | 000,000,650 | ---- | M] () -- C:\Users\ROMAN\Desktop\eLearn.lnk
[2011.10.12 21:59:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.12 21:06:44 | 000,337,913 | ---- | M] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.10 19:37:12 | 000,294,767 | ---- | M] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.09 21:31:48 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.09 21:23:22 | 001,701,962 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2011.10.07 19:00:53 | 000,080,768 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2011.10.07 19:00:53 | 000,034,688 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2011.10.07 13:44:45 | 000,002,397 | ---- | M] () -- C:\Users\ROMAN\Desktop\Google Chrome.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | M] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.10.04 20:48:31 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.09.29 19:24:53 | 000,000,002 | ---- | M] () -- C:\Windows\SysWow64\Dvbpws.dll
[2011.09.29 19:12:48 | 000,001,705 | ---- | M] () -- C:\Users\Public\Desktop\RCConfig.lnk
[2011.09.29 19:12:46 | 000,001,545 | ---- | M] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.09.28 16:44:40 | 000,001,000 | ---- | M] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.09.26 18:19:22 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.09.26 17:43:06 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job
[2011.09.13 22:13:59 | 000,120,356 | ---- | M] () -- C:\Users\ROMAN\Desktop\skupina.jpg
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.13 19:52:49 | 000,001,232 | ---- | C] () -- C:\Users\ROMAN\Desktop\final.sec
[2011.10.13 19:51:32 | 000,107,012 | ---- | C] () -- C:\Users\ROMAN\Desktop\majesty2.pdf
[2011.10.12 22:16:28 | 000,000,650 | ---- | C] () -- C:\Users\ROMAN\Desktop\eLearn.lnk
[2011.10.12 21:59:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.12 21:07:08 | 000,337,913 | ---- | C] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.10 19:37:12 | 000,294,767 | ---- | C] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.09 21:31:48 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | C] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.10.04 20:48:31 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.09.29 19:12:48 | 000,001,705 | ---- | C] () -- C:\Users\Public\Desktop\RCConfig.lnk
[2011.09.29 19:12:46 | 000,001,545 | ---- | C] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.09.26 17:43:06 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job
[2011.09.13 22:13:59 | 000,120,356 | ---- | C] () -- C:\Users\ROMAN\Desktop\skupina.jpg
[2011.07.31 15:17:04 | 000,049,152 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2011.07.31 15:17:04 | 000,003,456 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2011.07.31 15:16:57 | 000,598,016 | R--- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2011.07.31 15:16:57 | 000,307,200 | R--- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2011.07.31 15:16:57 | 000,294,912 | R--- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2011.07.31 15:16:57 | 000,290,816 | R--- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2011.07.31 15:16:57 | 000,249,856 | R--- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2011.07.31 15:16:57 | 000,225,280 | R--- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2011.07.31 15:16:57 | 000,135,168 | R--- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2011.07.31 13:13:25 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2011.07.31 12:35:44 | 000,000,024 | ---- | C] () -- C:\Windows\softcsa.ini
[2011.07.30 20:07:58 | 000,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll
[2011.07.21 17:55:26 | 000,007,630 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\resmon.resmoncfg
[2011.06.07 23:10:27 | 000,001,606 | ---- | C] () -- C:\Windows\SysWow64\font.ini
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.30 19:37:02 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.03.30 18:16:55 | 000,001,316 | ---- | C] () -- C:\Windows\RBSystem.ini
[2011.03.30 18:13:05 | 000,397,312 | ---- | C] () -- C:\Windows\esi_kl01.dat
[2011.03.30 18:09:30 | 000,000,670 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2011.03.06 12:47:07 | 000,001,184 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011.03.03 19:18:40 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.02.24 20:42:06 | 000,000,816 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(3).nast
[2011.02.22 12:11:24 | 000,178,441 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).err
[2011.02.22 12:05:14 | 000,001,000 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.02.18 20:55:00 | 000,001,261 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.err
[2011.02.18 20:51:24 | 000,001,048 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.nast
[2011.02.08 11:56:55 | 000,213,640 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.18 15:33:58 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2010.11.13 19:58:56 | 001,701,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.07 20:29:20 | 000,454,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.10.07 21:07:04 | 000,090,112 | ---- | C] () -- C:\Windows\RSetupCE.exe
[2010.09.27 19:50:17 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.09.27 19:50:17 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.09.15 07:54:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.09.13 20:01:32 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL
[2010.09.13 20:01:32 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\INETWH16.DLL
[2010.09.13 20:01:32 | 000,004,528 | ---- | C] () -- C:\Windows\SysWow64\SETBROWS.EXE
[2010.09.10 09:40:36 | 000,005,860 | ---- | C] () -- C:\Windows\SysWow64\FMCodec.dat
[2010.09.05 22:17:43 | 000,000,917 | ---- | C] () -- C:\Windows\SysWow64\CLWatson.ini
[2010.09.03 21:22:40 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.09.03 21:22:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.09.03 21:22:35 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.09.03 21:22:35 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.09.03 21:22:35 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.09.01 23:16:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.09.01 10:13:48 | 000,000,088 | RHS- | C] () -- C:\ProgramData\720CD3C192.sys
[2010.09.01 10:13:47 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.31 20:33:16 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll
[2010.08.31 20:33:14 | 000,414,208 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2010.08.31 20:26:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.31 18:20:10 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.31 18:12:04 | 000,081,920 | R--- | C] () -- C:\Windows\WiaInst.exe
[2010.08.31 17:17:02 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.08.31 14:44:09 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.08.31 14:44:09 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.08.31 14:39:19 | 000,035,975 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.08.31 14:38:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.08.31 14:38:54 | 000,026,147 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.07.27 10:03:20 | 010,829,656 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.07.27 10:03:20 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.07.27 10:03:18 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.06.16 00:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.01.25 12:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\SysWow64\OGAEXEC.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.12.01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== Custom Scans ==========
< :otl >
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\XXX\XXX bodyparts >
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm >
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383 >
Invalid Switch: ?l=dis&o=15383
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) >
< FF - prefs.js..browser.search.defaultengine: "Ask.com" >
< FF - prefs.js..browser.search.defaultenginename: "Ask.com" >
< FF - prefs.js..browser.search.defaultthis.engineName: " " >
< FF - prefs.js..browser.search.order.1: "Ask.com" >
< [2011.10.12 21:17:44 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} >
< [2011.06.09 21:02:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com >
< 2011.08.18 11:06:11 | 000,002,396 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\askcom.xml >
< [2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml >
< [2011.10.12 21:13:41 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml >
< [2010.04.04 20:43:16 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml >
< [2010.06.24 20:51:50 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml >
< [2010.06.29 17:55:56 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml >
< [2010.07.23 22:53:08 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml >
< [2010.07.26 18:52:32 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml >
< [2010.09.15 09:38:38 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml >
< [2010.03.23 10:52:40 | 000,000,944 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml >
< [2009.12.10 14:05:14 | 000,002,061 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml >
< CHR - default_search_provider: search_url = http://search.qip.ru/search/?query={sea ... s}&from=os >
Invalid Switch: ?query={searchTerms}&from=os
< O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) >
< O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. >
< O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found. >
< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present >
< O15 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) >
< O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found >
< O18:64bit: - Protocol\Handler\ms-help - No CLSID value found >
< O18:64bit: - Protocol\Handler\skype4com - No CLSID value found >
< O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found
< O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found >
< O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found
< [2 C:\*.tmp files -> C:\*.tmp -> ] >
< [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] >
< [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] >
< [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] >
< [4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] >
< [8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] >
< [22 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] >
< [1 C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp -> ] >
< [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] >
< [1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ] >
< [3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] >
< >
< :reg >
< [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] >
< "Google Update"=- >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] >
< [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] >
< "SwitchBoard"=- >
< "TkBellExe"=- >
< "Adobe Reader Speed Launcher"=- >
< "Adobe ARM"=- >
< [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] >
< "C:\FIREFOX STAHOVANI\facebook-pic000934519.exe"=- >
< >
< :files >
< c:\FIREFOX STAHOVANI\NFSHP2010_Crack.rar >
[2011.01.05 17:45:54 | 004,799,888 | ---- | M] () -- c:\FIREFOX STAHOVANI\NFSHP2010_Crack.rar
< C:\FIREFOX STAHOVANI\facebook-pic000934519.exe >
[2011.01.25 21:40:21 | 000,094,208 | RHS- | M] () -- C:\FIREFOX STAHOVANI\facebook-pic000934519.exe
< c:\windows\nvsvc32.exe >
< C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job >
[2011.09.26 17:43:06 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job
< C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job >
[2011.10.13 21:44:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
< %windir%\system32\*.tmp.dll /s >
< %windir%\system32\SET*.tmp /s >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %windir%\*.tmp >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< >
< :commands >
< [RESETHOSTS] >
< [EMPTYTEMP] >
< [EMPTYFLASH] >
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:05B51235
< End of report >
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ROMAN\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 42,80% Memory free
7,99 Gb Paging File | 5,44 Gb Available in Paging File | 68,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,21 Gb Total Space | 15,90 Gb Free Space | 8,54% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 67,26 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive G: | 15,03 Gb Total Space | 6,03 Gb Free Space | 40,11% Space Free | Partition Type: NTFS
Computer Name: ROMAN-PC | User Name: ROMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.10.13 19:01:25 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe
PRC - [2011.10.13 19:01:24 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe
PRC - [2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
PRC - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.08.28 17:07:48 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010.06.09 16:25:32 | 002,920,448 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2010.06.09 13:53:26 | 000,101,888 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2010.05.07 19:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009.09.10 10:34:12 | 007,322,624 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
PRC - [2009.09.09 17:02:26 | 006,060,032 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2009.08.19 19:12:08 | 001,043,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.06.19 19:31:38 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2009.04.22 14:44:12 | 000,942,080 | ---- | M] (Charles DeWeese) -- C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
PRC - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009.02.06 17:02:16 | 000,170,496 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
PRC - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe
PRC - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe
PRC - [2008.04.04 14:37:50 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe
PRC - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.13 19:01:24 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox 3\mozjs.dll
MOD - [2011.09.26 18:19:22 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.06.17 10:50:19 | 003,940,352 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
MOD - [2010.05.03 10:07:14 | 000,073,728 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
MOD - [2009.08.27 19:41:46 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2009.08.27 19:41:46 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2009.05.22 14:16:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.04.22 20:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsusService.dll
MOD - [2009.04.01 14:07:12 | 000,303,188 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
MOD - [2008.12.10 20:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
MOD - [2008.12.02 11:04:26 | 000,007,680 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\WIZLANGCZE.dll
MOD - [2006.01.10 10:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.10.09 21:27:51 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.08.04 03:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.05.07 19:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.07 19:00:59 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2011.10.07 19:00:53 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.17 05:33:01 | 005,376,832 | ---- | M] (Cerberus, LLC) [Auto | Running] -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe -- (Cerberus FTP Server)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.11.08 13:04:18 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.12.17 06:44:28 | 000,053,408 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.07.17 15:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.10.23 01:22:52 | 000,364,635 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc) TVEnhance Background Capture Service (TBCS)
SRV - [2008.10.23 01:22:52 | 000,172,121 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched) TVEnhance Task Scheduler (TTS))
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe -- (EWA net DB WIS)
SRV - [2008.04.04 14:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe -- (EWA net DB Core)
SRV - [2007.11.27 13:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe -- (EWA net DB EPC)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.31 19:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files (x86)\EWA net\server\bin\tomcat.exe -- (EWA net Server)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.03.30 19:14:07 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.08.31 15:11:07 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.08.04 04:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.04 03:15:44 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.08.03 09:23:04 | 000,100,472 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_650_16339.SYS -- (NEOFLTR_650_16339) Juniper Networks TDI Filter Driver (NEOFLTR_650_16339)
DRV:64bit: - [2010.07.27 10:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam C160(UVC)
DRV:64bit: - [2010.07.27 10:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010.07.27 10:11:38 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010.07.15 14:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.01.27 12:22:02 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010.01.27 12:21:36 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2009.12.02 12:20:56 | 000,137,608 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EuDisk.sys -- (EuDisk)
DRV:64bit: - [2009.10.21 18:33:02 | 000,474,240 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV:64bit: - [2009.10.19 05:32:40 | 000,511,232 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF35.sys -- (AVerAF35)
DRV:64bit: - [2009.07.18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.13 07:34:38 | 000,344,592 | ---- | M] (TechniSat Provide) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MtsBda.sys -- (MTSBDA)
DRV:64bit: - [2009.07.10 05:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005.09.09 06:02:29 | 000,047,104 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2010.01.27 12:22:02 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009.12.02 12:21:00 | 000,026,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eufs.sys -- (EUFS)
DRV - [2009.12.02 12:20:58 | 000,017,800 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2009.12.02 12:20:56 | 000,030,600 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.05.16 17:41:28 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004.12.23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004.08.11 08:39:38 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\DGIVECP.SYS -- (DgiVecp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\XXX\XXX bodyparts
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "file://///WL-500GPV2/part0/intra/index.html"
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ROMAN\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 3\components [2011.10.13 19:01:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 3\plugins [2011.08.28 17:08:53 | 000,000,000 | ---D | M]
[2010.09.15 07:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Extensions
[2011.10.13 21:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions
[2011.10.13 21:17:47 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.06.09 21:02:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com
[2011.08.27 23:54:15 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\firefox@tvunetworks.com
[2011.07.03 16:44:55 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\LogMeInClient@logmein.com
[2011.04.23 19:01:31 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\maps@ovi.com
[2011.08.18 11:06:11 | 000,002,396 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\askcom.xml
[2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml
[2011.10.12 21:13:41 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml
[2010.04.04 20:43:16 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml
[2010.06.24 20:51:50 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml
[2010.06.29 17:55:56 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml
[2010.07.23 22:53:08 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml
[2010.07.26 18:52:32 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml
[2010.09.15 09:38:38 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml
[2010.03.23 10:52:40 | 000,000,944 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml
[2009.12.10 14:05:14 | 000,002,061 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LS90GVHB.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
========== Chrome ==========
CHR - default_search_provider: QIP Search (Enabled)
CHR - default_search_provider: search_url = http://search.qip.ru/search/?query={sea ... s}&from=os
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Chrome\Application\9.0.597.107\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ROMAN\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: CacheList = C:\Users\ROMAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa\1.1.4_1\
O1 HOSTS File: ([2011.08.31 21:07:57 | 000,000,191 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (SnapFlash Class) - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll (justDo Software)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [iTraffic Monitor] C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe (Charles DeWeese)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8:64bit: - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8:64bit: - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\ROMAN\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra 'Tools' menuitem : Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {0427F569-3D57-4F10-B9FB-8D71A6A7BE24} file:///C:/Users/ROMAN/AppData/Local/Temp/KJPL60/frmeditor.ocx (FormelEditor Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5F14682-7CF1-4ACC-AB77-273B148D4CB8}: DhcpNameServer = 10.0.0.138 10.0.0.50
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.13 19:00:52 | 000,000,000 | ---D | M] - G:\Autocad 2012 32bit -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.10.12 23:42:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.12 23:41:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.10.12 23:41:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.10.12 23:41:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.10.12 23:41:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.10.12 23:41:22 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.10.12 23:41:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.10.12 23:41:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.10.12 23:41:21 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.10.12 23:41:21 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.10.12 22:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLearn
[2011.10.12 21:54:59 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.12 21:32:22 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.10.12 21:32:22 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.10.12 21:32:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.10.12 21:32:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.10.12 21:27:10 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.10.12 21:27:09 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.10.10 19:33:40 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\cache
[2011.10.09 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Documents\Inventor
[2011.10.09 21:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.10.09 21:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Local\Autodesk
[2011.10.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2011.10.09 21:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011.10.09 21:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Autodesk
[2011.10.07 14:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DynGate
[2011.10.06 21:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DynGate
[2011.10.06 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamViewer
[2011.10.06 21:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS
[2011.10.06 21:10:13 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\temp
[2011.10.06 21:02:59 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\TeamViewer
[2011.10.06 21:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011.10.04 21:21:49 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Desktop\certifikaty z posty
[2011.10.04 21:15:39 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Desktop\IPBOX
[2011.10.04 20:49:41 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\AppData\Roaming\QIP
[2011.10.04 20:49:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QIP 2010
[2011.10.04 18:00:06 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Desktop\KARTY 4.10.12
[2011.09.29 19:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2011.09.29 19:13:01 | 000,000,000 | ---D | C] -- C:\Users\ROMAN\Documents\WFRCConfig
[2011.09.29 19:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFast PVR2
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.10.13 21:44:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
[2011.10.13 19:52:50 | 000,001,232 | ---- | M] () -- C:\Users\ROMAN\Desktop\final.sec
[2011.10.13 19:51:32 | 000,107,012 | ---- | M] () -- C:\Users\ROMAN\Desktop\majesty2.pdf
[2011.10.13 19:03:25 | 001,719,944 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.13 19:03:25 | 000,718,790 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.10.13 19:03:25 | 000,702,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.13 19:03:25 | 000,160,308 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.10.13 19:03:25 | 000,140,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.13 18:07:59 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.13 18:07:59 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.13 18:07:40 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.10.13 17:57:02 | 005,160,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.13 17:55:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.13 17:54:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.10.13 17:54:42 | 3219,693,568 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.12 22:16:28 | 000,000,650 | ---- | M] () -- C:\Users\ROMAN\Desktop\eLearn.lnk
[2011.10.12 21:59:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.12 21:55:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ROMAN\Desktop\OTL.exe
[2011.10.12 21:06:44 | 000,337,913 | ---- | M] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.10 19:37:12 | 000,294,767 | ---- | M] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.09 21:31:48 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.09 21:23:22 | 001,701,962 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.07 19:00:53 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2011.10.07 19:00:53 | 000,080,768 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2011.10.07 19:00:53 | 000,034,688 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2011.10.07 13:44:45 | 000,002,397 | ---- | M] () -- C:\Users\ROMAN\Desktop\Google Chrome.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | M] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.10.04 20:48:31 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.09.29 19:24:53 | 000,000,002 | ---- | M] () -- C:\Windows\SysWow64\Dvbpws.dll
[2011.09.29 19:12:48 | 000,001,705 | ---- | M] () -- C:\Users\Public\Desktop\RCConfig.lnk
[2011.09.29 19:12:46 | 000,001,545 | ---- | M] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.09.28 16:44:40 | 000,001,000 | ---- | M] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.09.26 18:19:22 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.09.26 17:43:06 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job
[2011.09.13 22:13:59 | 000,120,356 | ---- | M] () -- C:\Users\ROMAN\Desktop\skupina.jpg
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.13 19:52:49 | 000,001,232 | ---- | C] () -- C:\Users\ROMAN\Desktop\final.sec
[2011.10.13 19:51:32 | 000,107,012 | ---- | C] () -- C:\Users\ROMAN\Desktop\majesty2.pdf
[2011.10.12 22:16:28 | 000,000,650 | ---- | C] () -- C:\Users\ROMAN\Desktop\eLearn.lnk
[2011.10.12 21:59:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.12 21:07:08 | 000,337,913 | ---- | C] () -- C:\Users\ROMAN\Desktop\Fiat přední náprava.pdf
[2011.10.10 19:37:12 | 000,294,767 | ---- | C] () -- C:\Users\ROMAN\Desktop\smazat screen.jpg
[2011.10.09 21:31:48 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk
[2011.10.09 21:27:29 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2012 - česky.lnk
[2011.10.06 21:21:58 | 000,001,123 | ---- | C] () -- C:\Users\ROMAN\Desktop\TeamViewer.lnk
[2011.10.06 21:02:20 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.10.06 21:02:20 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.10.04 20:48:31 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.09.29 19:12:48 | 000,001,705 | ---- | C] () -- C:\Users\Public\Desktop\RCConfig.lnk
[2011.09.29 19:12:46 | 000,001,545 | ---- | C] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.09.26 17:43:06 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job
[2011.09.13 22:13:59 | 000,120,356 | ---- | C] () -- C:\Users\ROMAN\Desktop\skupina.jpg
[2011.07.31 15:17:04 | 000,049,152 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2011.07.31 15:17:04 | 000,003,456 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2011.07.31 15:16:57 | 000,598,016 | R--- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2011.07.31 15:16:57 | 000,307,200 | R--- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2011.07.31 15:16:57 | 000,294,912 | R--- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2011.07.31 15:16:57 | 000,290,816 | R--- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2011.07.31 15:16:57 | 000,249,856 | R--- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2011.07.31 15:16:57 | 000,225,280 | R--- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2011.07.31 15:16:57 | 000,135,168 | R--- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2011.07.31 13:13:25 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2011.07.31 12:35:44 | 000,000,024 | ---- | C] () -- C:\Windows\softcsa.ini
[2011.07.30 20:07:58 | 000,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll
[2011.07.21 17:55:26 | 000,007,630 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\resmon.resmoncfg
[2011.06.07 23:10:27 | 000,001,606 | ---- | C] () -- C:\Windows\SysWow64\font.ini
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.30 19:37:02 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.03.30 18:16:55 | 000,001,316 | ---- | C] () -- C:\Windows\RBSystem.ini
[2011.03.30 18:13:05 | 000,397,312 | ---- | C] () -- C:\Windows\esi_kl01.dat
[2011.03.30 18:09:30 | 000,000,670 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2011.03.06 12:47:07 | 000,001,184 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011.03.03 19:18:40 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.02.24 20:42:06 | 000,000,816 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(3).nast
[2011.02.22 12:11:24 | 000,178,441 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).err
[2011.02.22 12:05:14 | 000,001,000 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader(2).nast
[2011.02.18 20:55:00 | 000,001,261 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.err
[2011.02.18 20:51:24 | 000,001,048 | ---- | C] () -- C:\Users\ROMAN\AppData\Local\SRDownloader.nast
[2011.02.08 11:56:55 | 000,213,640 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.18 15:33:58 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2010.11.13 19:58:56 | 001,701,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.07 20:29:20 | 000,454,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.10.07 21:07:04 | 000,090,112 | ---- | C] () -- C:\Windows\RSetupCE.exe
[2010.09.27 19:50:17 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.09.27 19:50:17 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.09.15 07:54:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.09.13 20:01:32 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL
[2010.09.13 20:01:32 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\INETWH16.DLL
[2010.09.13 20:01:32 | 000,004,528 | ---- | C] () -- C:\Windows\SysWow64\SETBROWS.EXE
[2010.09.10 09:40:36 | 000,005,860 | ---- | C] () -- C:\Windows\SysWow64\FMCodec.dat
[2010.09.05 22:17:43 | 000,000,917 | ---- | C] () -- C:\Windows\SysWow64\CLWatson.ini
[2010.09.03 21:22:40 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.09.03 21:22:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.09.03 21:22:35 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.09.03 21:22:35 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.09.03 21:22:35 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.09.01 23:16:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.09.01 10:13:48 | 000,000,088 | RHS- | C] () -- C:\ProgramData\720CD3C192.sys
[2010.09.01 10:13:47 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.31 20:33:16 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll
[2010.08.31 20:33:14 | 000,414,208 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2010.08.31 20:26:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.31 18:20:10 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.31 18:12:04 | 000,081,920 | R--- | C] () -- C:\Windows\WiaInst.exe
[2010.08.31 17:17:02 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.08.31 14:44:09 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.08.31 14:44:09 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.08.31 14:39:19 | 000,035,975 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.08.31 14:38:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.08.31 14:38:54 | 000,026,147 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.07.27 10:03:20 | 010,829,656 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.07.27 10:03:20 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.07.27 10:03:18 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.06.16 00:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.01.25 12:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\SysWow64\OGAEXEC.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.12.01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== Custom Scans ==========
< :otl >
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\XXX\XXX bodyparts >
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm >
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383 >
Invalid Switch: ?l=dis&o=15383
< IE - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) >
< FF - prefs.js..browser.search.defaultengine: "Ask.com" >
< FF - prefs.js..browser.search.defaultenginename: "Ask.com" >
< FF - prefs.js..browser.search.defaultthis.engineName: " " >
< FF - prefs.js..browser.search.order.1: "Ask.com" >
< [2011.10.12 21:17:44 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} >
< [2011.06.09 21:02:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com >
< 2011.08.18 11:06:11 | 000,002,396 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\askcom.xml >
< [2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml >
< [2011.10.12 21:13:41 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml >
< [2010.04.04 20:43:16 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml >
< [2010.06.24 20:51:50 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml >
< [2010.06.29 17:55:56 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml >
< [2010.07.23 22:53:08 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml >
< [2010.07.26 18:52:32 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml >
< [2010.09.15 09:38:38 | 000,000,950 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml >
< [2010.03.23 10:52:40 | 000,000,944 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml >
< [2009.12.10 14:05:14 | 000,002,061 | ---- | M] () -- C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml >
< CHR - default_search_provider: search_url = http://search.qip.ru/search/?query={sea ... s}&from=os >
Invalid Switch: ?query={searchTerms}&from=os
< O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) >
< O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. >
< O3 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found. >
< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present >
< O15 - HKU\S-1-5-21-876401281-3636213226-3406816674-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) >
< O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found >
< O18:64bit: - Protocol\Handler\ms-help - No CLSID value found >
< O18:64bit: - Protocol\Handler\skype4com - No CLSID value found >
< O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found
< O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found >
< O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found
< [2 C:\*.tmp files -> C:\*.tmp -> ] >
< [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] >
< [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] >
< [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] >
< [4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] >
< [8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] >
< [22 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] >
< [1 C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\*.tmp -> ] >
< [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] >
< [1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ] >
< [3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] >
< >
< :reg >
< [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] >
< "Google Update"=- >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] >
< [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] >
< "SwitchBoard"=- >
< "TkBellExe"=- >
< "Adobe Reader Speed Launcher"=- >
< "Adobe ARM"=- >
< [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] >
< "C:\FIREFOX STAHOVANI\facebook-pic000934519.exe"=- >
< >
< :files >
< c:\FIREFOX STAHOVANI\NFSHP2010_Crack.rar >
[2011.01.05 17:45:54 | 004,799,888 | ---- | M] () -- c:\FIREFOX STAHOVANI\NFSHP2010_Crack.rar
< C:\FIREFOX STAHOVANI\facebook-pic000934519.exe >
[2011.01.25 21:40:21 | 000,094,208 | RHS- | M] () -- C:\FIREFOX STAHOVANI\facebook-pic000934519.exe
< c:\windows\nvsvc32.exe >
< C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job >
[2011.09.26 17:43:06 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job
< C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job >
[2011.10.13 21:44:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
< %windir%\system32\*.tmp.dll /s >
< %windir%\system32\SET*.tmp /s >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %windir%\*.tmp >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< >
< :commands >
< [RESETHOSTS] >
< [EMPTYTEMP] >
< [EMPTYFLASH] >
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:05B51235
< End of report >
Re: Prosím o kontrolu logu WIN7_64BIT
Mel jste dat opravit ne prohledat, takze znovu a lepe prosim
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
Dobrý večer, omlouvám se za omyl zde je log
All processes killed
========== OTL ==========
HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default Download Directory| /E : value set successfully!
HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: " " removed from browser.search.defaultthis.engineName
Prefs.js: "Ask.com" removed from browser.search.order.1
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml moved successfully.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\STF30D3.tmp deleted successfully.
C:\STF8CAA.tmp deleted successfully.
C:\Windows\SysWow64\SET25C9.tmp deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB9E7.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB9E7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE1AC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF4AA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP13D0.tmp\Microsoft.VisualC.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP13D0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP21A4.tmp\Microsoft.Ink.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP21A4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP49AC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA3EF.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA3EF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB110.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC34E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI1A97.tmp deleted successfully.
C:\Windows\Installer\MSI1AA8.tmp deleted successfully.
C:\Windows\Installer\MSI23E5.tmp deleted successfully.
C:\Windows\Installer\MSI23E6.tmp deleted successfully.
C:\Windows\Installer\MSI3497.tmp deleted successfully.
C:\Windows\Installer\MSI3866.tmp deleted successfully.
C:\Windows\Installer\MSI431E.tmp deleted successfully.
C:\Windows\Installer\MSI4CD9.tmp deleted successfully.
C:\Windows\Installer\MSI6671.tmp deleted successfully.
C:\Windows\Installer\MSI849E.tmp deleted successfully.
C:\Windows\Installer\MSI85BC.tmp deleted successfully.
C:\Windows\Installer\MSIAB0C.tmp deleted successfully.
C:\Windows\Installer\MSIADC3.tmp deleted successfully.
C:\Windows\Installer\MSIB924.tmp deleted successfully.
C:\Windows\Installer\MSIC349.tmp deleted successfully.
C:\Windows\Installer\MSICAC7.tmp deleted successfully.
C:\Windows\Installer\MSICD18.tmp deleted successfully.
C:\Windows\Installer\MSICDD4.tmp deleted successfully.
C:\Windows\Installer\MSIDCB4.tmp deleted successfully.
C:\Windows\Installer\MSIF112.tmp deleted successfully.
C:\Windows\Installer\MSIF12E.tmp deleted successfully.
C:\Windows\Installer\MSIFD0F.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\BIT234.tmp deleted successfully.
C:\Windows\Temp\RGI1E80.tmp deleted successfully.
C:\Windows\Temp\RGIB87C.tmp deleted successfully.
C:\Windows\Temp\RGIDB86.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\FIREFOX STAHOVANI\facebook-pic000934519.exe deleted successfully.
========== FILES ==========
c:\FIREFOX STAHOVANI\NFSHP2010_Crack.rar moved successfully.
C:\FIREFOX STAHOVANI\facebook-pic000934519.exe moved successfully.
File\Folder c:\windows\nvsvc32.exe not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Public
->Temp folder emptied: 0 bytes
User: ROMAN
->Temp folder emptied: 2002 bytes
->Temporary Internet Files folder emptied: 308947040 bytes
->Java cache emptied: 27459622 bytes
->FireFox cache emptied: 668744168 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 14884864 bytes
->Opera cache emptied: 3525041 bytes
->Flash cache emptied: 23401 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 83123699 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 32438356 bytes
Total Files Cleaned = 1 086,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: LogMeInRemoteUser
User: Public
User: ROMAN
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 10142011_221411
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\hsperfdata_ROMAN-PC$\3156 not found!
Registry entries deleted on Reboot...
zde je logAll processes killed
========== OTL ==========
HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default Download Directory| /E : value set successfully!
HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: " " removed from browser.search.defaultthis.engineName
Prefs.js: "Ask.com" removed from browser.search.order.1
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\conduit.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\qipsearch.xml moved successfully.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-876401281-3636213226-3406816674-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\STF30D3.tmp deleted successfully.
C:\STF8CAA.tmp deleted successfully.
C:\Windows\SysWow64\SET25C9.tmp deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB9E7.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB9E7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE1AC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF4AA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP13D0.tmp\Microsoft.VisualC.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP13D0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP21A4.tmp\Microsoft.Ink.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP21A4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP49AC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA3EF.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA3EF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB110.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC34E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI1A97.tmp deleted successfully.
C:\Windows\Installer\MSI1AA8.tmp deleted successfully.
C:\Windows\Installer\MSI23E5.tmp deleted successfully.
C:\Windows\Installer\MSI23E6.tmp deleted successfully.
C:\Windows\Installer\MSI3497.tmp deleted successfully.
C:\Windows\Installer\MSI3866.tmp deleted successfully.
C:\Windows\Installer\MSI431E.tmp deleted successfully.
C:\Windows\Installer\MSI4CD9.tmp deleted successfully.
C:\Windows\Installer\MSI6671.tmp deleted successfully.
C:\Windows\Installer\MSI849E.tmp deleted successfully.
C:\Windows\Installer\MSI85BC.tmp deleted successfully.
C:\Windows\Installer\MSIAB0C.tmp deleted successfully.
C:\Windows\Installer\MSIADC3.tmp deleted successfully.
C:\Windows\Installer\MSIB924.tmp deleted successfully.
C:\Windows\Installer\MSIC349.tmp deleted successfully.
C:\Windows\Installer\MSICAC7.tmp deleted successfully.
C:\Windows\Installer\MSICD18.tmp deleted successfully.
C:\Windows\Installer\MSICDD4.tmp deleted successfully.
C:\Windows\Installer\MSIDCB4.tmp deleted successfully.
C:\Windows\Installer\MSIF112.tmp deleted successfully.
C:\Windows\Installer\MSIF12E.tmp deleted successfully.
C:\Windows\Installer\MSIFD0F.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\a424b479d645d6c684837569de1b9fdc\BIT234.tmp deleted successfully.
C:\Windows\Temp\RGI1E80.tmp deleted successfully.
C:\Windows\Temp\RGIB87C.tmp deleted successfully.
C:\Windows\Temp\RGIDB86.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\FIREFOX STAHOVANI\facebook-pic000934519.exe deleted successfully.
========== FILES ==========
c:\FIREFOX STAHOVANI\NFSHP2010_Crack.rar moved successfully.
C:\FIREFOX STAHOVANI\facebook-pic000934519.exe moved successfully.
File\Folder c:\windows\nvsvc32.exe not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc7c62fc3809f1.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Public
->Temp folder emptied: 0 bytes
User: ROMAN
->Temp folder emptied: 2002 bytes
->Temporary Internet Files folder emptied: 308947040 bytes
->Java cache emptied: 27459622 bytes
->FireFox cache emptied: 668744168 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 14884864 bytes
->Opera cache emptied: 3525041 bytes
->Flash cache emptied: 23401 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 83123699 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 32438356 bytes
Total Files Cleaned = 1 086,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: LogMeInRemoteUser
User: Public
User: ROMAN
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 10142011_221411
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\hsperfdata_ROMAN-PC$\3156 not found!
Registry entries deleted on Reboot...
Re: Prosím o kontrolu logu WIN7_64BIT
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Napiste co PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
romcolahvac
- Návštěvník
- Příspěvky: 186
- Registrován: 23 pro 2008 00:30
Re: Prosím o kontrolu logu WIN7_64BIT
Dobrý podvečer, tak všechno provedeno a počítač se zdá být v pořádku, tímto Vám děkuji za kontrolu a řešení
Re: Prosím o kontrolu logu WIN7_64BIT
Nemate zac, rad jsem pomohl 
Zase nekdy 
Zase nekdy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?