Kontrola logu

Zpráva

HopemZabar · #1 Příspěvek od **HopemZabar** » 13 lis 2011 00:37

Poprosim o preventivku, dakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ado at 2011-11-13 00:18:01
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 57 GB (30%) free of 191 GB
Total RAM: 3325 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:19:22, on 13. 11. 2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Ado\Downloads\RSIT.exe
C:\Program Files\trend micro\Ado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ulozto.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - 00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ado\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [toscdspd] TOSCDSPD.EXE
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?SK (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8755 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://sk.darkorbit.com/?aid=1292&aig=22&aip=sup1_s"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, toolbar@ask.com:3.12.2.16749, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... n_dtid=&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
stahuj@centrum.cz
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-08 6037504]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]
"NDSTray.exe"=NDSTray.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-07-16 61440]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-07-31 417792]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-09-11 2054360]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\Ado\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-23 133104]
"toscdspd"=TOSCDSPD.EXE []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cfFncEnabler.exe]
cfFncEnabler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDMICtrlMan]
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-05-20 716800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetFxUpdate_v1.1.4322]
C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-10 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
TOSCDSPD.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO]
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2007-09-04 557568]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\setup.exe"="D:\\setup.exe:*:Enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"=mpegacm.acm
"msacm.ulmp3acm"=ulmp3acm.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.VP60"=vp6vfw.dll
"VIDC.VP61"=vp6vfw.dll
"VIDC.VP62"=vp6vfw.dll
"VIDC.VP70"=vp7vfw.dll
"VIDC.X264"=vp7vfw.dll
"vidc.i263"=i263_32.drv
"VIDC.HFYU"=huffyuv.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.ac3filter"=ac3filter.acm
"msacm.divxa32"=divxa32.acm
"msacm.l3codecp"=l3codecp.acm
"msacm.lameacm"=lameACM.acm
"msacm.vorbis"=vorbis.acm
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-13 00:18:01 ----D---- C:\rsit
2011-11-13 00:18:01 ----D---- C:\Program Files\trend micro
2011-11-09 08:23:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-10-15 05:58:13 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-15 05:58:12 ----A---- C:\Windows\system32\iertutil.dll
2011-10-15 05:58:10 ----A---- C:\Windows\system32\ieui.dll
2011-10-15 05:58:09 ----A---- C:\Windows\system32\wininet.dll
2011-10-15 05:58:09 ----A---- C:\Windows\system32\jscript.dll
2011-10-15 05:58:08 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-15 05:58:08 ----A---- C:\Windows\system32\jscript9.dll
2011-10-15 05:58:06 ----A---- C:\Windows\system32\urlmon.dll
2011-10-15 05:58:05 ----A---- C:\Windows\system32\url.dll
2011-10-15 05:58:05 ----A---- C:\Windows\system32\ieframe.dll
2011-10-15 05:58:01 ----A---- C:\Windows\system32\mshtml.dll
2011-10-15 05:50:26 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2011-11-13 00:18:15 ----D---- C:\Windows\Prefetch
2011-11-13 00:18:08 ----D---- C:\Windows\temp
2011-11-13 00:18:01 ----RD---- C:\Program Files
2011-11-13 00:03:15 ----AD---- C:\Windows\System32
2011-11-13 00:03:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-13 00:03:14 ----D---- C:\Windows\inf
2011-11-12 23:58:29 ----D---- C:\Windows\system32\catroot2
2011-11-12 07:06:40 ----SHD---- C:\System Volume Information
2011-11-09 09:01:33 ----D---- C:\Windows\winsxs
2011-11-09 08:41:19 ----D---- C:\Windows\system32\catroot
2011-11-09 08:38:43 ----D---- C:\Program Files\Windows Mail
2011-11-09 08:38:42 ----D---- C:\Windows\system32\drivers
2011-11-09 08:35:03 ----D---- C:\Windows\Debug
2011-11-09 08:35:01 ----A---- C:\Windows\system32\mrt.exe
2011-11-09 08:34:32 ----D---- C:\Program Files\Common Files\System
2011-10-31 11:04:15 ----D---- C:\Users\Ado\AppData\Roaming\Vso
2011-10-21 12:15:09 ----D---- C:\Windows
2011-10-16 06:09:26 ----D---- C:\Windows\Microsoft.NET
2011-10-16 06:09:24 ----RSD---- C:\Windows\assembly
2011-10-15 06:38:17 ----D---- C:\Windows\rescache
2011-10-15 06:16:10 ----D---- C:\Windows\system32\migration
2011-10-15 06:16:09 ----D---- C:\Program Files\Internet Explorer
2011-10-15 06:16:07 ----D---- C:\Windows\system32\sk-SK
2011-10-15 05:57:11 ----SHD---- C:\Windows\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-08-08 14352]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-16 691696]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-08-19 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2007-08-31 20352]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 64128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-06-02 279712]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-09-11 135048]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-09-11 38240]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-06-02 25888]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-28 919552]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-08 3885568]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2007-09-05 92544]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-04-11 47360]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-02-27 141408]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2007-12-14 24200]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 a9omhxyh;a9omhxyh; C:\Windows\system32\drivers\a9omhxyh.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-06-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-06-25 25512]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\Windows\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\Windows\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\Windows\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
S3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 54144]
S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-08-08 700416]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-09-11 735960]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-04-11 124264]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-18 655624]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-21 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2007-10-30 937984]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 13 lis 2011 07:03

Zdravím.

Dej mi minutku, hnedle se na to mrknu.

#3 Příspěvek od **Mc_Murphy** » 13 lis 2011 07:12

Jako první v nabídce Přidat nebo odebrat programy odinstaluj všechny nepotřebné toolbary! Jsou to veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti.

Fixni v HJT tyto položky:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - 00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ado\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [toscdspd] TOSCDSPD.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?SK (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\trend micro\Ado.exe

Dále stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
*legalizator* /s
*registration* /s
*Office 2010* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

HopemZabar · #4 Příspěvek od **HopemZabar** » 14 lis 2011 13:01

OTL logfile created on: 14. 11. 2011 11:39:59 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ado\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,25 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 62,92% Memory free
6,72 Gb Paging File | 5,64 Gb Available in Paging File | 83,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,15 Gb Total Space | 54,69 Gb Free Space | 29,38% Space Free | Partition Type: NTFS
Drive E: | 184,99 Gb Total Space | 113,57 Gb Free Space | 61,39% Space Free | Partition Type: NTFS

Computer Name: ADO-PC | User Name: Ado | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/11/14 11:35:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
PRC - [2009/09/11 07:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/09/11 07:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/07/10 17:57:30 | 000,634,880 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/04/22 11:44:00 | 000,648,520 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2008/04/18 19:27:52 | 000,316,744 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2008/04/18 19:27:40 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2008/04/17 00:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/04/16 16:43:32 | 002,577,736 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2008/04/14 23:05:40 | 002,979,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/04/11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2008/04/08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/03/31 19:08:50 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2008/03/19 13:35:42 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008/01/09 10:38:44 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/10/05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/08 04:02:56 | 000,420,920 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
MOD - [2011/11/08 04:02:55 | 003,702,840 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011/11/08 04:01:20 | 000,122,952 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011/11/08 04:01:19 | 000,222,280 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011/11/08 04:01:17 | 001,746,504 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2008/10/11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/08/08 02:03:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/03/06 10:14:54 | 005,121,912 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2007/12/25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2007/12/14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006/12/01 17:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll
MOD - [2006/10/10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 12:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005/07/22 21:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/06/29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2009/10/18 13:30:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/11 07:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 07:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/07/10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/04/11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/30 00:35:40 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2006/10/05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - [2011/06/25 11:59:02 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/06/25 11:59:02 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/01/16 12:46:16 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/11 07:26:26 | 000,038,240 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2009/09/11 07:26:20 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2009/09/11 07:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 07:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/06/19 09:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/06/02 01:15:26 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/06/02 01:15:26 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008/08/19 21:01:44 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/08/08 02:04:00 | 003,885,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/08/08 02:04:00 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/07/28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/04/23 17:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/04/15 09:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/03/25 13:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 11:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/03/17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/27 19:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/02/15 18:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/22 20:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/18 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/09/05 00:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/08/31 17:43:32 | 000,020,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/07/30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 15:14:22 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45unic.sys -- (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM)
DRV - [2006/11/30 15:14:14 | 000,086,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45obex.sys -- (se45obex)
DRV - [2006/11/30 15:14:10 | 000,088,624 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mgmt.sys -- (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM)
DRV - [2006/11/30 15:14:10 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45nd5.sys -- (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS)
DRV - [2006/11/30 15:14:04 | 000,097,088 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mdm.sys -- (se45mdm)
DRV - [2006/11/30 15:14:04 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mdfl.sys -- (se45mdfl)
DRV - [2006/11/30 15:13:56 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM)
DRV - [2006/11/28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/07/11 18:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005/01/07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEA

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-680335954-692640338-3888189223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ulozto.cz/
IE - HKU\S-1-5-21-680335954-692640338-3888189223-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://sk.darkorbit.com/?aid=1292&aig=22&aip=sup1_s"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.16749
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ado\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ado\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/09 17:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/09 17:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/03/17 16:12:00 | 000,000,000 | ---D | M]

[2009/05/23 14:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ado\AppData\Roaming\mozilla\Extensions
[2011/11/14 11:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions
[2011/11/10 17:01:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/23 23:53:25 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/11/10 17:01:13 | 000,002,557 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default\searchplugins\askcom.xml
[2011/07/15 10:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/12 10:42:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/12 11:07:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/13 01:21:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/12 12:02:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/15 09:26:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/15 10:44:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009/05/23 14:36:33 | 000,000,000 | ---D | M] (Stahuj.cz) -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/04/09 17:41:06 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011/04/09 17:41:06 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011/04/09 17:41:06 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011/04/09 17:41:06 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011/04/09 17:41:06 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ado\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_JamesWhite = C:\Users\Ado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\

O1 HOSTS File: ([2011/09/20 09:25:51 | 000,437,852 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15062 more lines...
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55526FF5-4273-4464-9945-58B00690A785}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ado\Documents\Downloads\PhylissAnn_razielSurpassing.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ado\Documents\Downloads\PhylissAnn_razielSurpassing.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{96ff077a-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff077a-020a-11df-b471-001e3396a6d5}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{a202a486-286b-11e0-8a79-00037a9e6452}\Shell\AutoRun\command - "" = H:\USBNB.exe
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\AutoRun\command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\explore\Command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\open\Command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4dea1-a1c4-11de-bfe1-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{c0f4dea1-a1c4-11de-bfe1-001e3396a6d5}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e75deb43-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb43-0437-11df-9c32-001e3396a6d5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\Mpeg\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\Mpeg\ulmp3acm.acm (Ulead systems)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Windows\System32\I263_32.drv (Intel Corporation)
Drivers32: VIDC.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011/11/14 11:35:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
[2011/11/13 00:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/11/13 00:18:01 | 000,000,000 | ---D | C] -- C:\rsit
[2009/10/06 08:45:30 | 007,993,160 | ---- | C] (Electronic Arts ) -- C:\Users\Ado\AppData\Roaming\nfssetup.exe
[2009/04/11 11:16:14 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Ado\AppData\Roaming\pcouffin.sys
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011/11/14 11:43:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/11/14 11:38:04 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000UA.job
[2011/11/14 11:35:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
[2011/11/14 11:17:34 | 000,604,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 11:17:34 | 000,108,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 11:10:56 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 11:10:55 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 11:10:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 11:10:35 | 3487,391,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/12 06:56:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/10 22:42:14 | 000,002,072 | ---- | M] () -- C:\Users\Ado\Desktop\Google Chrome.lnk
[2011/11/10 20:38:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000Core.job
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/14 11:43:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/04/20 11:47:26 | 000,000,000 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\wklnhst.dat
[2010/04/21 14:55:45 | 000,000,045 | -H-- | C] () -- C:\Windows\dvis3006.dat
[2010/04/02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/16 20:07:48 | 000,564,224 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2010/03/16 20:07:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/03/16 20:07:47 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/03/16 20:07:23 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/03/14 15:18:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2009/12/27 17:16:13 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/11/20 21:04:27 | 000,001,041 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\vso_ts_preview.xml
[2009/09/17 07:26:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/17 07:26:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/03 15:52:37 | 000,000,022 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009/09/03 15:52:37 | 000,000,014 | ---- | C] () -- C:\Windows\dswplug.ini
[2009/06/22 23:58:53 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/22 13:33:23 | 000,000,005 | ---- | C] () -- C:\Windows\sbacknt.bin
[2009/06/02 01:15:26 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/06/02 01:15:26 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/05/23 14:36:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/04/23 18:14:44 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009/04/23 18:14:43 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/04/23 18:14:36 | 000,183,112 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009/04/14 15:39:23 | 000,001,356 | ---- | C] () -- C:\Users\Ado\AppData\Local\d3d9caps.dat
[2009/04/13 08:41:47 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/04/11 11:16:14 | 000,087,608 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\inst.exe
[2009/04/11 11:16:14 | 000,007,887 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\pcouffin.cat
[2009/04/11 11:16:14 | 000,001,144 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\pcouffin.inf
[2009/03/09 20:53:02 | 000,056,320 | ---- | C] () -- C:\Users\Ado\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/09 13:26:46 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/03/09 13:26:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/03/09 13:26:46 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/03/09 13:26:46 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009/03/09 12:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/11/21 10:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/11/21 10:05:51 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/11/21 10:05:51 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/11/21 10:05:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/11/21 10:05:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/11/21 10:05:51 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/11/21 10:05:51 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/11/21 09:27:27 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC1.dat
[2008/11/21 09:27:27 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2008/11/21 09:27:27 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/11/21 09:27:27 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/11/21 09:27:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/11/21 09:27:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/11/21 09:24:44 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/11/21 09:24:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/11/21 09:24:43 | 000,174,820 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/11/21 09:24:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/11/21 08:54:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/11/21 08:30:08 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/24 18:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008/04/24 18:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008/04/24 18:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008/04/24 18:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008/04/24 18:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008/04/24 18:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 002,325,888 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,604,764 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,108,096 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/07/20 21:07:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2005/10/15 13:25:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\myodbc3i.exe
[2005/10/15 13:25:20 | 000,011,776 | ---- | C] () -- C:\Windows\System32\myodbc3m.exe
[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2009/06/09 19:36:13 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\.#
[2009/05/23 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\.Torrent Swapper
[2009/12/01 11:32:59 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\2K Sports
[2009/04/06 16:34:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\aAvgApi
[2010/01/13 21:02:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\BitCometLite
[2009/04/23 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\DAEMON Tools Lite
[2010/03/17 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\ESET
[2010/05/13 07:31:13 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Facebook
[2009/12/30 21:39:29 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FlashGet
[2010/03/22 17:40:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\fltk.org
[2009/09/29 14:07:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FrostWire
[2009/04/23 18:07:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Leadertech
[2011/08/05 17:18:57 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Lionhead Studios
[2010/01/26 11:14:41 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\lowsec
[2011/01/31 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\MAGIX
[2011/05/27 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Mirillis
[2010/04/21 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\mojosoft
[2011/04/20 11:47:25 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Template
[2009/07/02 17:45:43 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\The Creative Assembly
[2009/03/13 10:43:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Toshiba
[2011/08/28 21:16:31 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\TS3Client
[2010/12/06 21:56:12 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Ubisoft
[2011/10/12 21:00:23 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\uTorrent
[2009/06/23 08:40:39 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\vghd
[2011/02/13 08:45:10 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\VitySoft
[2011/10/31 11:04:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Vso
[2010/04/21 19:52:55 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Zoner
[2011/11/13 01:11:36 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008/01/21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008/01/21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< MD5 for: ATAPI.SYS >
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/06/03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008/06/03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008/06/03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008/06/03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CSRSS.EXE >
[2008/01/21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008/01/21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: LSASS.EXE >
[2009/06/15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009/09/10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009/02/13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009/06/15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009/06/15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009/02/13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009/06/15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009/06/15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009/09/09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009/09/10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009/02/13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NTFS.SYS >
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008/01/21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SMSS.EXE >
[2008/01/21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/12/08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011/06/17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/12/08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011/06/17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008/01/21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

HopemZabar · #5 Příspěvek od **HopemZabar** » 14 lis 2011 13:01

OTL logfile created on: 14. 11. 2011 11:39:59 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ado\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,25 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 62,92% Memory free
6,72 Gb Paging File | 5,64 Gb Available in Paging File | 83,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,15 Gb Total Space | 54,69 Gb Free Space | 29,38% Space Free | Partition Type: NTFS
Drive E: | 184,99 Gb Total Space | 113,57 Gb Free Space | 61,39% Space Free | Partition Type: NTFS

Computer Name: ADO-PC | User Name: Ado | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/11/14 11:35:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
PRC - [2009/09/11 07:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/09/11 07:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/07/10 17:57:30 | 000,634,880 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/04/22 11:44:00 | 000,648,520 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2008/04/18 19:27:52 | 000,316,744 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2008/04/18 19:27:40 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2008/04/17 00:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/04/16 16:43:32 | 002,577,736 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2008/04/14 23:05:40 | 002,979,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/04/11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2008/04/08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/03/31 19:08:50 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2008/03/19 13:35:42 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008/01/09 10:38:44 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/10/05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/08 04:02:56 | 000,420,920 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
MOD - [2011/11/08 04:02:55 | 003,702,840 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011/11/08 04:01:20 | 000,122,952 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011/11/08 04:01:19 | 000,222,280 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011/11/08 04:01:17 | 001,746,504 | ---- | M] () -- C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2008/10/11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/08/08 02:03:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/03/06 10:14:54 | 005,121,912 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2007/12/25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2007/12/14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006/12/01 17:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll
MOD - [2006/10/10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 12:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005/07/22 21:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/06/29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2009/10/18 13:30:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/11 07:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 07:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/07/10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/04/11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/30 00:35:40 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2006/10/05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - [2011/06/25 11:59:02 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/06/25 11:59:02 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/01/16 12:46:16 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/11 07:26:26 | 000,038,240 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2009/09/11 07:26:20 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2009/09/11 07:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 07:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/06/19 09:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/06/02 01:15:26 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/06/02 01:15:26 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008/08/19 21:01:44 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/08/08 02:04:00 | 003,885,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/08/08 02:04:00 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/07/28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/04/23 17:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/04/15 09:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/03/25 13:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 11:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/03/17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/27 19:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/02/15 18:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/22 20:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/18 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/09/05 00:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/08/31 17:43:32 | 000,020,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/07/30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 15:14:22 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45unic.sys -- (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM)
DRV - [2006/11/30 15:14:14 | 000,086,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45obex.sys -- (se45obex)
DRV - [2006/11/30 15:14:10 | 000,088,624 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mgmt.sys -- (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM)
DRV - [2006/11/30 15:14:10 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45nd5.sys -- (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS)
DRV - [2006/11/30 15:14:04 | 000,097,088 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mdm.sys -- (se45mdm)
DRV - [2006/11/30 15:14:04 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mdfl.sys -- (se45mdfl)
DRV - [2006/11/30 15:13:56 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM)
DRV - [2006/11/28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/07/11 18:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005/01/07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEA

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-680335954-692640338-3888189223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ulozto.cz/
IE - HKU\S-1-5-21-680335954-692640338-3888189223-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://sk.darkorbit.com/?aid=1292&aig=22&aip=sup1_s"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.16749
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ado\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ado\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/09 17:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/09 17:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/03/17 16:12:00 | 000,000,000 | ---D | M]

[2009/05/23 14:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ado\AppData\Roaming\mozilla\Extensions
[2011/11/14 11:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions
[2011/11/10 17:01:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/23 23:53:25 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/11/10 17:01:13 | 000,002,557 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default\searchplugins\askcom.xml
[2011/07/15 10:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/12 10:42:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/12 11:07:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/13 01:21:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/12 12:02:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/15 09:26:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/15 10:44:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009/05/23 14:36:33 | 000,000,000 | ---D | M] (Stahuj.cz) -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/04/09 17:41:06 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011/04/09 17:41:06 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011/04/09 17:41:06 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011/04/09 17:41:06 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011/04/09 17:41:06 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ado\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_JamesWhite = C:\Users\Ado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\

O1 HOSTS File: ([2011/09/20 09:25:51 | 000,437,852 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15062 more lines...
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55526FF5-4273-4464-9945-58B00690A785}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ado\Documents\Downloads\PhylissAnn_razielSurpassing.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ado\Documents\Downloads\PhylissAnn_razielSurpassing.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{96ff077a-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff077a-020a-11df-b471-001e3396a6d5}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{a202a486-286b-11e0-8a79-00037a9e6452}\Shell\AutoRun\command - "" = H:\USBNB.exe
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\AutoRun\command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\explore\Command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\open\Command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4dea1-a1c4-11de-bfe1-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{c0f4dea1-a1c4-11de-bfe1-001e3396a6d5}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e75deb43-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb43-0437-11df-9c32-001e3396a6d5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\Mpeg\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\Mpeg\ulmp3acm.acm (Ulead systems)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Windows\System32\I263_32.drv (Intel Corporation)
Drivers32: VIDC.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011/11/14 11:35:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
[2011/11/13 00:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/11/13 00:18:01 | 000,000,000 | ---D | C] -- C:\rsit
[2009/10/06 08:45:30 | 007,993,160 | ---- | C] (Electronic Arts ) -- C:\Users\Ado\AppData\Roaming\nfssetup.exe
[2009/04/11 11:16:14 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Ado\AppData\Roaming\pcouffin.sys
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011/11/14 11:43:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/11/14 11:38:04 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000UA.job
[2011/11/14 11:35:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
[2011/11/14 11:17:34 | 000,604,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 11:17:34 | 000,108,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 11:10:56 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 11:10:55 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 11:10:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 11:10:35 | 3487,391,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/12 06:56:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/10 22:42:14 | 000,002,072 | ---- | M] () -- C:\Users\Ado\Desktop\Google Chrome.lnk
[2011/11/10 20:38:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000Core.job
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/14 11:43:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/04/20 11:47:26 | 000,000,000 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\wklnhst.dat
[2010/04/21 14:55:45 | 000,000,045 | -H-- | C] () -- C:\Windows\dvis3006.dat
[2010/04/02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/16 20:07:48 | 000,564,224 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2010/03/16 20:07:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/03/16 20:07:47 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/03/16 20:07:23 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/03/14 15:18:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2009/12/27 17:16:13 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/11/20 21:04:27 | 000,001,041 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\vso_ts_preview.xml
[2009/09/17 07:26:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/17 07:26:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/03 15:52:37 | 000,000,022 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009/09/03 15:52:37 | 000,000,014 | ---- | C] () -- C:\Windows\dswplug.ini
[2009/06/22 23:58:53 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/22 13:33:23 | 000,000,005 | ---- | C] () -- C:\Windows\sbacknt.bin
[2009/06/02 01:15:26 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/06/02 01:15:26 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/05/23 14:36:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/04/23 18:14:44 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009/04/23 18:14:43 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/04/23 18:14:36 | 000,183,112 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009/04/14 15:39:23 | 000,001,356 | ---- | C] () -- C:\Users\Ado\AppData\Local\d3d9caps.dat
[2009/04/13 08:41:47 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/04/11 11:16:14 | 000,087,608 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\inst.exe
[2009/04/11 11:16:14 | 000,007,887 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\pcouffin.cat
[2009/04/11 11:16:14 | 000,001,144 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\pcouffin.inf
[2009/03/09 20:53:02 | 000,056,320 | ---- | C] () -- C:\Users\Ado\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/09 13:26:46 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/03/09 13:26:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/03/09 13:26:46 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/03/09 13:26:46 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009/03/09 12:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/11/21 10:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/11/21 10:05:51 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/11/21 10:05:51 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/11/21 10:05:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/11/21 10:05:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/11/21 10:05:51 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/11/21 10:05:51 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/11/21 09:27:27 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC1.dat
[2008/11/21 09:27:27 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2008/11/21 09:27:27 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/11/21 09:27:27 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/11/21 09:27:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/11/21 09:27:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/11/21 09:24:44 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/11/21 09:24:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/11/21 09:24:43 | 000,174,820 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/11/21 09:24:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/11/21 08:54:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/11/21 08:30:08 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/24 18:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008/04/24 18:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008/04/24 18:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008/04/24 18:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008/04/24 18:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008/04/24 18:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 002,325,888 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,604,764 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,108,096 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/07/20 21:07:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2005/10/15 13:25:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\myodbc3i.exe
[2005/10/15 13:25:20 | 000,011,776 | ---- | C] () -- C:\Windows\System32\myodbc3m.exe
[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2009/06/09 19:36:13 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\.#
[2009/05/23 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\.Torrent Swapper
[2009/12/01 11:32:59 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\2K Sports
[2009/04/06 16:34:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\aAvgApi
[2010/01/13 21:02:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\BitCometLite
[2009/04/23 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\DAEMON Tools Lite
[2010/03/17 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\ESET
[2010/05/13 07:31:13 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Facebook
[2009/12/30 21:39:29 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FlashGet
[2010/03/22 17:40:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\fltk.org
[2009/09/29 14:07:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FrostWire
[2009/04/23 18:07:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Leadertech
[2011/08/05 17:18:57 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Lionhead Studios
[2010/01/26 11:14:41 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\lowsec
[2011/01/31 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\MAGIX
[2011/05/27 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Mirillis
[2010/04/21 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\mojosoft
[2011/04/20 11:47:25 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Template
[2009/07/02 17:45:43 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\The Creative Assembly
[2009/03/13 10:43:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Toshiba
[2011/08/28 21:16:31 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\TS3Client
[2010/12/06 21:56:12 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Ubisoft
[2011/10/12 21:00:23 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\uTorrent
[2009/06/23 08:40:39 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\vghd
[2011/02/13 08:45:10 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\VitySoft
[2011/10/31 11:04:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Vso
[2010/04/21 19:52:55 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Zoner
[2011/11/13 01:11:36 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008/01/21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008/01/21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< MD5 for: ATAPI.SYS >
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/06/03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008/06/03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008/06/03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008/06/03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CSRSS.EXE >
[2008/01/21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008/01/21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: LSASS.EXE >
[2009/06/15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009/09/10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009/02/13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009/06/15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009/06/15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009/02/13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009/06/15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009/06/15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009/09/09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009/09/10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009/02/13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NTFS.SYS >
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008/01/21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SMSS.EXE >
[2008/01/21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/12/08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011/06/17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/12/08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011/06/17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008/01/21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

HopemZabar · #6 Příspěvek od **HopemZabar** » 14 lis 2011 13:01

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006/11/02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
[2008/01/21 06:24:43 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\en-US\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008/08/08 02:02:00 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2008/08/08 02:03:00 | 000,328,162 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.cpa
[2008/08/08 02:03:00 | 000,000,929 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.vp
[2008/08/08 02:03:00 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativdkxx.vp
[2008/08/08 02:03:00 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativokxx.vp
[2008/08/08 02:03:00 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativpkxx.vp
[2008/08/08 02:03:00 | 000,052,400 | ---- | M] () -- C:\Windows\system32\drivers\ativvpxx.vp
[2006/09/18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006/09/18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2008/01/21 03:23:51 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011/08/23 09:03:47 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2011/08/23 09:03:46 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2008/11/21 09:33:00 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010/05/12 10:52:47 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2009/03/31 17:07:05 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/11/18 09:28:22 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/04/14 11:22:47 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/11/18 09:28:52 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2008/01/18 17:45:30 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX0.dat
[2008/01/18 17:45:30 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX1.dat
[2008/02/04 20:00:56 | 000,000,176 | ---- | M] () -- C:\Windows\system32\drivers\RTHDAEQ0.dat
[2008/02/04 20:00:56 | 000,000,176 | ---- | M] () -- C:\Windows\system32\drivers\RTHDAEQ1.dat
[2008/01/18 17:45:30 | 000,000,852 | ---- | M] () -- C:\Windows\system32\drivers\RTKHDRC0.dat
[2008/01/18 17:45:30 | 000,000,852 | ---- | M] () -- C:\Windows\system32\drivers\RTKHDRC1.dat
[2009/03/09 12:52:49 | 000,000,000 | RHS- | M] () -- C:\Windows\system32\drivers\TOSHIBA_Satellite A300D_08451-SK_PSAHCE-01000.MRK

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/01/16 12:46:16 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011/11/14 11:10:55 | 000,003,744 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 11:10:56 | 000,003,744 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/12 06:56:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2011/11/14 11:17:34 | 000,108,096 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011/11/14 11:17:34 | 000,604,764 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011/11/14 11:17:34 | 000,716,862 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2009/06/09 19:36:13 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\.#
[2009/05/23 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\.Torrent Swapper
[2009/12/01 11:32:59 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\2K Sports
[2009/04/06 16:34:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\aAvgApi
[2009/11/08 17:13:26 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Adobe
[2009/10/18 09:39:59 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/09/24 16:31:45 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Ahead
[2010/03/16 20:07:37 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Apple Computer
[2010/01/13 21:02:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\BitCometLite
[2009/04/23 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\DAEMON Tools Lite
[2010/04/13 22:21:53 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\dvdcss
[2010/03/17 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\ESET
[2010/05/13 07:31:13 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Facebook
[2009/12/30 21:39:29 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FlashGet
[2010/03/22 17:40:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\fltk.org
[2009/09/29 14:07:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FrostWire
[2009/03/09 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Google
[2009/03/09 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Identities
[2009/03/09 13:04:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\InstallShield
[2009/04/23 18:07:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Leadertech
[2011/08/05 17:18:57 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Lionhead Studios
[2010/01/26 11:14:41 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\lowsec
[2009/03/22 16:09:50 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Macromedia
[2011/01/31 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\MAGIX
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Media Center Programs
[2009/12/01 21:59:38 | 000,000,000 | --SD | M] -- C:\Users\Ado\AppData\Roaming\Microsoft
[2011/05/27 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Mirillis
[2010/04/21 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\mojosoft
[2009/05/23 14:36:54 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Mozilla
[2009/12/14 00:29:49 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\NCH Software
[2009/09/24 16:33:38 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Nero
[2009/04/23 19:53:56 | 000,000,000 | RH-D | M] -- C:\Users\Ado\AppData\Roaming\SecuROM
[2009/10/25 09:08:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\skypePM
[2011/04/20 11:47:25 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Template
[2009/07/02 17:45:43 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\The Creative Assembly
[2009/03/13 10:43:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Toshiba
[2011/08/28 21:16:31 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\TS3Client
[2010/12/06 21:56:12 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Ubisoft
[2011/10/12 21:00:23 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\uTorrent
[2009/06/23 08:40:39 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\vghd
[2011/02/13 08:45:10 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\VitySoft
[2010/03/12 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\vlc
[2011/10/31 11:04:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Vso
[2009/03/25 22:38:44 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\WinRAR
[2010/04/21 19:52:55 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Zoner

< %APPDATA%\*.* >
[2009/11/20 21:03:45 | 000,087,608 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\inst.exe
[2010/01/27 09:56:51 | 007,993,160 | ---- | M] (Electronic Arts ) -- C:\Users\Ado\AppData\Roaming\nfssetup.exe
[2009/11/20 21:03:45 | 000,007,887 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\pcouffin.cat
[2009/11/20 21:03:45 | 000,001,144 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\pcouffin.inf
[2009/11/20 21:03:52 | 000,000,034 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\pcouffin.log
[2009/11/20 21:03:45 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Ado\AppData\Roaming\pcouffin.sys
[2011/10/31 11:04:14 | 000,001,041 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\vso_ts_preview.xml
[2011/04/20 11:47:26 | 000,000,000 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\wklnhst.dat

< %APPDATA%\*.exe /s >
[2009/11/20 21:03:45 | 000,087,608 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\inst.exe
[2010/01/27 09:56:51 | 007,993,160 | ---- | M] (Electronic Arts ) -- C:\Users\Ado\AppData\Roaming\nfssetup.exe
[2010/05/13 07:31:13 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Ado\AppData\Roaming\Facebook\uninstall.exe
[2009/05/18 11:38:56 | 004,506,256 | ---- | M] (Lime Wire LLC) -- C:\Users\Ado\AppData\Roaming\FrostWire\.NetworkShare\LimeWireWin4.16.6.exe
[2009/10/18 10:41:19 | 000,003,584 | R--- | M] () -- C:\Users\Ado\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2010/12/22 16:40:32 | 000,012,611 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\Virtual DJ v7.0 PRO + Crack [ChattChitto RG].torrent
[2010/12/22 16:42:16 | 038,445,769 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\Virtual DJ v7.0 PRO + Crack [ChattChitto RG]\Virtual DJ v7.0 PRO + Crack [ChattChitto RG].exe
[1998/01/01 00:00:00 | 000,107,915 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\Hantro\Hantro_v3.3_full_cracked_18plus2.sis
[1996/12/24 20:32:00 | 000,131,088 | ---- | M] () -- \Users\Ado\Saved Games\Nintendo\NES ROMS\Crackout (U) (Prototype).nes

< *keygen* /s >
[2011/01/16 12:52:26 | 000,000,570 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\Lavalys.EVEREST.Ultimate.Edition.v4.50.1330.Multilingual.Keygen.Only-ViRiLiTY.torrent
[2003/01/20 00:59:34 | 000,041,472 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\Geopod\Geopod\keygen.exe
[2003/01/09 08:38:10 | 000,040,960 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\MGSkarting_cracked\karting\keygen.exe
[2002/12/26 11:19:42 | 000,040,960 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\MGS-Silverball_v1.60\Silverball_v1.60\keygen.exe
[2002/12/26 11:18:50 | 000,040,960 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\MVRPool\MVRPool\keygen.exe
[2003/01/07 11:37:36 | 000,039,936 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\Tennis Maniac\keygen.exe

< *loader* /s >
[2008/08/28 18:34:20 | 004,965,736 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008/08/28 15:42:12 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008/08/28 15:42:16 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008/08/14 06:23:12 | 000,009,969 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007/03/12 12:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011/06/30 15:14:36 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2007/02/05 15:54:52 | 000,045,056 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.exe
[2006/03/20 11:43:36 | 000,000,273 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.ini
[2008/06/20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010/03/06 06:30:38 | 000,847,040 | ---- | M] () -- \Users\Ado\AppData\Roaming\Facebook\axfbootloader.dll
[2010/04/08 15:11:38 | 000,009,225 | ---- | M] () -- \Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\content\scriptdownloader.js
[2009/10/28 09:32:10 | 014,592,024 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\102-miles_davis-freddie_freeloader.mp3
[2009/10/28 09:27:34 | 001,103,880 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\107-miles_davis-freddie_freeloader_(studio_sequence_1).mp3
[2009/10/28 09:27:35 | 002,138,823 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\108-miles_davis-freddie_freeloader_(false_start).mp3
[2009/10/28 00:23:15 | 002,120,484 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\109-miles_davis-freddie_freeloader_(studio_sequence_2)_(previously_unreleased).mp3
[2010/03/16 00:11:13 | 002,390,472 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe
[2011/08/09 07:28:57 | 000,002,394 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2010/04/29 11:24:40 | 001,077,904 | ---- | M] () -- \Users\Public\Games\World of Warcraft\BackgroundDownloader.exe
[2010/04/29 11:50:50 | 002,167,496 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.0-enUS-downloader.exe
[2010/04/29 12:19:11 | 002,379,336 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.0.10192-to-3.3.0.10958-enUS-downloader.exe
[2010/03/15 23:36:13 | 002,069,792 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe
[2010/03/15 23:38:59 | 002,067,232 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe
[2010/03/15 23:40:07 | 002,390,472 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe
[2010/04/29 12:37:13 | 002,336,072 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.0.10958-to-3.3.0.11159-enUS-downloader.exe
[2010/04/29 12:37:54 | 002,348,440 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.0.11159-to-3.3.2.11403-enUS-downloader.exe
[2010/05/13 07:51:31 | 002,651,696 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.2.11403-to-3.3.3.11685-enUS-downloader.exe
[2010/05/13 08:06:01 | 002,640,176 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.3.11685-to-3.3.3.11723-enUS-downloader.exe
[2010/07/13 00:27:14 | 002,711,328 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.3.11723-to-3.3.5.12213-enUS-downloader.exe
[2010/07/13 00:32:45 | 002,710,448 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.5.12213-to-3.3.5.12340-enUS-downloader.exe
[2011/08/09 07:28:36 | 002,067,706 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2010/04/29 11:22:29 | 000,003,026 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2010/04/29 11:22:29 | 000,004,261 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2008/11/21 10:21:57 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2006/07/20 21:07:50 | 000,053,248 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008/01/21 06:29:14 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/01/21 06:29:14 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008/01/21 06:29:14 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2009/09/17 12:42:02 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009/09/17 12:42:02 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009/09/17 12:42:02 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008/01/21 03:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008/02/29 08:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008/02/29 08:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008/02/29 11:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008/02/29 11:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008/02/29 11:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008/02/29 09:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008/02/29 11:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008/02/29 08:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008/02/29 08:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008/02/29 10:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008/02/29 11:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008/02/29 11:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008/02/29 08:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008/02/29 10:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008/01/21 06:23:06 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/02/29 08:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008/02/29 08:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008/01/21 03:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008/02/29 09:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008/02/29 08:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009/04/10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006/11/02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008/01/21 03:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLoginUninst.exe
[2010/03/17 15:48:44 | 000,000,920 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\ESET Antivirus Licence Finder (MiNODLogin) 3.6.0.1.exe.torrent
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLoginUninst.exe
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLoginUninst.exe
[2011/10/25 23:21:06 | 118,819,232 | ---- | M] () -- \Users\Ado\Downloads\Eset-Smart-Security-5-CZ--64bit,32bit-+-MiNODLogin-3.9.8.1.zip
[2011/09/14 11:23:54 | 000,391,800 | ---- | M] () -- \Users\Ado\Downloads\Eset-Smart-Security-5-CZ--64bit,32bit-+-MiNODLogin-3.9.8.1\EsetSmartSecurity 5 CZ 64bit,32bit + MiNODLogin 3.9.8.1\MiNODLogin 3.9.8.1\MiNODLogin 3.9.8.1.exe
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLoginUninst.exe
[2011/11/09 08:31:25 | 000,030,732 | ---- | M] () -- \Windows\Prefetch\MINODLOGIN.EXE-C653F8E6.pf

< *tnod* /s >
[2006/09/06 17:33:50 | 000,114,688 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\afdwTextNode.dll

< *AutoKMS* /s >

< *activator* /s >
[2008/08/14 06:56:12 | 000,003,942 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.csi.core.logging_1.0.0\com\adobe\csi\core\logging\Activator.class
[2008/08/14 06:56:10 | 000,001,489 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.drive.shutdown_1.0.0\com\adobe\drive\shutdown\Activator.class

< *serial* /s >
[2008/08/28 15:40:42 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/28 15:40:42 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/28 15:40:42 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/28 15:40:42 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\ReserializeAlert.exv
[2008/08/28 15:40:42 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\SerializationWF.exv
[2008/08/06 09:45:18 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/06 09:45:18 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/06 09:45:18 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/06 09:45:18 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\ReserializeAlert.exv
[2008/08/06 09:45:18 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\SerializationWF.exv
[2008/09/19 03:10:54 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\BadSerialNumberAlert.exv
[2008/09/19 03:10:54 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\CantChangeSerialNumberAlert.exv
[2008/09/19 03:10:54 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008/09/19 03:10:54 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\ReserializeAlert.exv
[2008/09/19 03:10:54 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\SerializationWF.exv
[2008/08/14 06:56:46 | 000,059,514 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.versioncue.serialization_4.0.0.jar
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/06/30 15:13:52 | 000,026,761 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio.win32.x86_2.10.2.0.jar
[2011/06/30 15:13:52 | 000,049,508 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio_2.11.7.13.jar
[2011/06/30 15:14:56 | 000,002,239 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.sonyericsson.cs.serialcommunication_2.11.7.13.jar
[2011/08/23 08:59:37 | 000,057,344 | ---- | M] () -- \ProgramData\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\7\1\.cp\lib\serialio.dll
[2009/06/02 01:52:49 | 000,000,029 | ---- | M] () -- \ProgramData\Tages\100663362\Serial.txt
[2008/02/21 18:19:56 | 000,051,622 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\smserial.inf
[2008/02/21 18:37:40 | 001,197,568 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\amd64\SmSerial.sys
[2008/02/21 18:29:00 | 001,092,608 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\x86\SmSerial.sys
[2010/04/09 14:55:15 | 000,000,024 | ---- | M] () -- \Users\Ado\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2011/09/20 09:00:04 | 000,016,216 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\Nero 7 Premium Edition + Serial [1337x] [Ahmed] [Fast & Small].torrent
[2011/03/29 22:29:50 | 000,025,216 | ---- | M] () -- \Users\Ado\Downloads\Microsoft_Office_Enterprise_2007[Serial_Key_Included].5225806.TPB.torrent
[2011/09/20 09:00:04 | 000,016,216 | ---- | M] () -- \Users\Ado\Downloads\Nero_7_Premium_Edition___Serial_[1337x]_[Ahmed]_[Fast___Small].5358690.TPB.torrent
[2010/08/02 20:53:02 | 000,008,786 | ---- | M] () -- \Users\Ado\Downloads\epgp-5.5.19\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/08/02 20:53:02 | 000,000,216 | ---- | M] () -- \Users\Ado\Downloads\epgp-5.5.19\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2011/09/20 09:03:44 | 000,001,201 | ---- | M] () -- \Users\Ado\Downloads\Nero 7 Premium Edition + Serial [1337x] [Ahmed] [Fast & Small]\Serial\Serial.txt
[2011/08/23 08:59:37 | 000,057,344 | ---- | M] () -- \Users\All Users\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\7\1\.cp\lib\serialio.dll
[2009/06/02 01:52:49 | 000,000,029 | ---- | M] () -- \Users\All Users\Tages\100663362\Serial.txt
[2010/08/02 20:53:02 | 000,008,786 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/08/02 20:53:02 | 000,000,216 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010/04/02 22:39:12 | 000,009,066 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/04/02 22:39:12 | 000,000,219 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/10/22 07:46:39 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/15 06:35:26 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4b4c359912c1241246f50a4c47dbab3c\System.Runtime.Serialization.ni.dll
[2011/10/15 06:27:56 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f97b31da89858b85c70b4eb45bc91ace\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 06:02:46 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2011/10/16 06:03:00 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 06:08:45 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2011/10/15 05:52:14 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/15 05:52:10 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/15 05:52:23 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2004/07/15 13:31:54 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/04/12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2008/01/21 06:26:04 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\en-US\grserial.sys.mui
[2008/01/21 06:24:37 | 000,010,752 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2008/01/21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006/11/02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008/01/21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006/11/02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008/01/21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2008/01/21 06:24:26 | 000,005,632 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/09/17 12:42:09 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2009/09/17 12:42:09 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008/01/21 06:29:15 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7_serialui.dll.mui_7d29d2a3
[2009/09/17 12:42:30 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006/11/02 13:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008/01/21 03:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2009/04/10 23:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010/04/12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2010/04/12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2006/11/02 13:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2010/04/12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2010/04/12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2006/11/02 13:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008/01/21 03:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2009/04/10 23:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010/04/12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2010/04/12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2006/11/02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008/01/21 03:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009/04/10 23:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006/11/02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006/11/02 13:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008/01/21 03:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2009/04/10 23:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010/04/12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2010/04/12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2006/10/20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008/01/21 03:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2006/11/02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008/01/21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2009/02/18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010/04/12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2010/04/12 13:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2006/11/02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008/01/21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2010/04/12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2008/01/21 06:26:04 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_34b5f355d987afa1\serial.sys.mui
[2008/01/21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008/01/21 06:24:26 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7\serialui.dll.mui
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008/01/21 06:24:37 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_05d5abe6364bafaf\serial.sys.mui
[2008/01/21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2008/01/21 06:26:04 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_f75d56acd8933ebf\grserial.sys.mui
[2008/01/21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006/11/02 13:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008/01/21 03:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2010/04/12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *legalizator* /s >

< *registration* /s >
[2008/08/06 09:45:16 | 000,606,208 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\registration.dll
[2008/08/06 09:45:24 | 000,007,342 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\ar_AE\registration.zdct
[2008/08/06 09:45:24 | 000,007,472 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\bg_BG\registration.zdct
[2008/08/06 09:45:24 | 000,007,394 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\cs_CZ\registration.zdct
[2008/08/06 09:45:24 | 000,007,486 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\da_DK\registration.zdct
[2008/08/06 09:45:24 | 000,009,118 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\de_DE\registration.zdct
[2008/08/06 09:45:24 | 000,007,764 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\el_GR\registration.zdct
[2008/08/06 09:45:24 | 000,007,502 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\en_GB\registration.zdct
[2008/08/06 09:45:24 | 000,007,502 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\en_US\registration.zdct
[2008/08/06 09:45:24 | 000,007,502 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\en_XM\registration.zdct
[2008/08/06 09:45:24 | 000,007,792 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\es_ES\registration.zdct
[2008/08/06 09:45:24 | 000,007,792 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\es_MX\registration.zdct
[2008/08/06 09:45:24 | 000,007,322 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\et_EE\registration.zdct
[2008/08/06 09:45:24 | 000,007,422 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\fi_FI\registration.zdct
[2008/08/06 09:45:24 | 000,008,252 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\fr_CA\registration.zdct
[2008/08/06 09:45:24 | 000,008,166 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\fr_FR\registration.zdct
[2008/08/06 09:45:24 | 000,008,252 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\fr_XM\registration.zdct
[2008/08/06 09:45:24 | 000,006,676 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\he_IL\registration.zdct
[2008/08/06 09:45:24 | 000,007,578 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\hr_HR\registration.zdct
[2008/08/06 09:45:24 | 000,007,938 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\hu_HU\registration.zdct
[2008/08/06 09:45:24 | 000,007,768 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\it_IT\registration.zdct
[2008/08/06 09:45:24 | 000,005,796 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\ja_JP\registration.zdct
[2008/08/06 09:45:24 | 000,005,766 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\ko_KR\registration.zdct
[2008/08/06 09:45:24 | 000,007,698 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\lt_LT\registration.zdct
[2008/08/06 09:45:24 | 000,007,676 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\lv_LV\registration.zdct
[2008/08/06 09:45:24 | 000,007,518 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\nb_NO\registration.zdct
[2008/08/06 09:45:24 | 000,007,620 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\nl_NL\registration.zdct
[2008/08/06 09:45:24 | 000,007,726 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\pl_PL\registration.zdct
[2008/08/06 09:45:24 | 000,007,520 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\pt_BR\registration.zdct
[2008/08/06 09:45:24 | 000,007,656 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\ro_RO\registration.zdct
[2008/08/06 09:45:24 | 000,007,824 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\ru_RU\registration.zdct
[2008/08/06 09:45:24 | 000,007,620 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\sk_SK\registration.zdct
[2008/08/06 09:45:24 | 000,007,628 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\sl_SI\registration.zdct
[2008/08/06 09:45:24 | 000,007,456 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\sv_SE\registration.zdct
[2008/08/06 09:45:24 | 000,007,354 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\tr_TR\registration.zdct
[2008/08/06 09:45:24 | 000,008,090 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\uk_UA\registration.zdct
[2008/08/06 09:45:24 | 000,005,342 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\zh_CN\registration.zdct
[2008/08/06 09:45:24 | 000,005,354 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\RegLoc\zh_TW\registration.zdct
[2008/09/19 01:15:46 | 000,606,208 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\registration.dll
[2008/09/19 03:10:50 | 000,007,342 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\ar_ae\registration.zdct
[2008/09/19 03:10:50 | 000,007,472 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\bg_bg\registration.zdct
[2008/09/19 03:10:50 | 000,007,394 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\cs_cz\registration.zdct
[2008/09/19 03:10:50 | 000,007,486 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\da_dk\registration.zdct
[2008/09/19 03:10:50 | 000,009,118 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\de_de\registration.zdct
[2008/09/19 03:10:50 | 000,007,764 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\el_gr\registration.zdct
[2008/09/19 03:10:50 | 000,007,502 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\en_gb\registration.zdct
[2008/09/19 03:10:50 | 000,007,502 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\en_us\registration.zdct
[2008/09/19 03:10:50 | 000,007,502 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\en_xm\registration.zdct
[2008/09/19 03:10:50 | 000,007,792 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\es_es\registration.zdct
[2008/09/19 03:10:50 | 000,007,792 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\es_mx\registration.zdct
[2008/09/19 03:10:50 | 000,007,322 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\et_ee\registration.zdct
[2008/09/19 03:10:50 | 000,007,422 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\fi_fi\registration.zdct
[2008/09/19 03:10:50 | 000,008,252 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\fr_ca\registration.zdct
[2008/09/19 03:10:50 | 000,008,166 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\fr_fr\registration.zdct
[2008/09/19 03:10:50 | 000,008,252 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\fr_xm\registration.zdct
[2008/09/19 03:10:50 | 000,006,676 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\he_il\registration.zdct
[2008/09/19 03:10:50 | 000,007,578 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\hr_hr\registration.zdct
[2008/09/19 03:10:50 | 000,007,938 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\hu_hu\registration.zdct
[2008/09/19 03:10:50 | 000,007,768 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\it_it\registration.zdct
[2008/09/19 03:10:50 | 000,005,796 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\ja_jp\registration.zdct
[2008/09/19 03:10:50 | 000,005,766 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\ko_kr\registration.zdct
[2008/09/19 03:10:50 | 000,007,698 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\lt_lt\registration.zdct
[2008/09/19 03:10:50 | 000,007,676 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\lv_lv\registration.zdct
[2008/09/19 03:10:50 | 000,007,518 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\nb_no\registration.zdct
[2008/09/19 03:10:50 | 000,007,620 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\nl_nl\registration.zdct
[2008/09/19 03:10:50 | 000,007,726 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\pl_pl\registration.zdct
[2008/09/19 03:10:50 | 000,007,520 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\pt_br\registration.zdct
[2008/09/19 03:10:50 | 000,007,656 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\ro_ro\registration.zdct
[2008/09/19 03:10:50 | 000,007,824 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\ru_ru\registration.zdct
[2008/09/19 03:10:50 | 000,007,620 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\sk_sk\registration.zdct
[2008/09/19 03:10:50 | 000,007,628 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\sl_si\registration.zdct
[2008/09/19 03:10:50 | 000,007,456 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\sv_se\registration.zdct
[2008/09/19 03:10:50 | 000,007,354 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\tr_tr\registration.zdct
[2008/09/19 03:10:50 | 000,008,090 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\uk_ua\registration.zdct
[2008/09/19 03:10:50 | 000,005,342 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\zh_cn\registration.zdct
[2008/09/19 03:10:50 | 000,005,354 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\regloc\zh_tw\registration.zdct
[2008/08/18 21:53:56 | 000,606,208 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\registration.dll
[2008/08/18 20:53:02 | 000,007,342 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\ar_AE\registration.zdct
[2008/08/18 20:53:02 | 000,007,472 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\bg_BG\registration.zdct
[2008/08/18 20:53:02 | 000,007,394 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\cs_CZ\registration.zdct
[2008/08/18 20:53:02 | 000,007,486 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\da_DK\registration.zdct
[2008/08/18 20:53:04 | 000,009,118 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\de_DE\registration.zdct
[2008/08/18 20:53:04 | 000,007,764 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\el_GR\registration.zdct
[2008/08/18 20:53:04 | 000,007,502 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\en_GB\registration.zdct
[2008/08/18 20:53:04 | 000,007,502 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\en_US\registration.zdct
[2008/08/18 20:53:04 | 000,007,502 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\en_XM\registration.zdct
[2008/08/18 20:53:04 | 000,007,792 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\es_ES\registration.zdct
[2008/08/18 20:53:06 | 000,007,792 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\es_MX\registration.zdct
[2008/08/18 20:53:06 | 000,007,322 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\et_EE\registration.zdct
[2008/08/18 20:53:06 | 000,007,422 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\fi_FI\registration.zdct
[2008/08/18 20:53:06 | 000,008,252 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\fr_CA\registration.zdct
[2008/08/18 20:53:06 | 000,008,166 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\fr_FR\registration.zdct
[2008/08/18 20:53:06 | 000,008,252 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\fr_XM\registration.zdct
[2008/08/18 20:53:06 | 000,006,676 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\he_IL\registration.zdct
[2008/08/18 20:53:08 | 000,007,578 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\hr_HR\registration.zdct
[2008/08/18 20:53:08 | 000,007,938 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\hu_HU\registration.zdct
[2008/08/18 20:53:08 | 000,007,768 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\it_IT\registration.zdct
[2008/08/18 20:53:08 | 000,005,796 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\ja_JP\registration.zdct
[2008/08/18 20:53:08 | 000,005,766 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\ko_KR\registration.zdct
[2008/08/18 20:53:08 | 000,007,698 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\lt_LT\registration.zdct
[2008/08/18 20:53:10 | 000,007,676 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\lv_LV\registration.zdct
[2008/08/18 20:53:10 | 000,007,518 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\nb_NO\registration.zdct
[2008/08/18 20:53:10 | 000,007,620 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\nl_NL\registration.zdct
[2008/08/18 20:53:10 | 000,007,726 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\pl_PL\registration.zdct
[2008/08/18 20:53:10 | 000,007,520 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\pt_BR\registration.zdct
[2008/08/18 20:53:10 | 000,007,656 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\ro_RO\registration.zdct
[2008/08/18 20:53:12 | 000,007,824 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\ru_RU\registration.zdct
[2008/08/18 20:53:12 | 000,007,620 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\sk_SK\registration.zdct
[2008/08/18 20:53:12 | 000,007,628 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\sl_SI\registration.zdct
[2008/08/18 20:53:12 | 000,007,456 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\sv_SE\registration.zdct
[2008/08/18 20:53:12 | 000,007,354 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\tr_TR\registration.zdct
[2008/08/18 20:53:12 | 000,008,090 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\uk_UA\registration.zdct
[2008/08/18 20:53:14 | 000,005,342 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\zh_CN\registration.zdct
[2008/08/18 20:53:14 | 000,005,354 | ---- | M] () -- \Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\RegLoc\zh_TW\registration.zdct
[2009/10/16 11:52:36 | 000,000,261 | ---- | M] () -- \Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\fnp_registrations.xml
[2011/07/15 10:44:57 | 000,001,544 | ---- | M] () -- \Program Files\Java\jre6\lib\servicetag\registration.xml
[2008/01/11 03:07:52 | 000,574,864 | ---- | M] () -- \Program Files\Toshiba\Registration\ToshibaRegistration.exe
[2007/05/01 02:53:42 | 000,000,691 | ---- | M] () -- \Program Files\Toshiba\Registration\ToshibaRegistration.exe.config
[2008/01/11 03:08:40 | 000,050,576 | ---- | M] () -- \Program Files\Toshiba\Registration\ToshibaRegistrationCompletion.exe
[2008/01/11 03:08:34 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\cs\ToshibaRegistration.resources.dll
[2008/01/11 03:08:16 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\da\ToshibaRegistration.resources.dll
[2008/01/11 03:07:56 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\de\ToshibaRegistration.resources.dll
[2008/01/11 03:07:54 | 000,087,440 | ---- | M] () -- \Program Files\Toshiba\Registration\en\ToshibaRegistration.resources.dll
[2008/01/11 03:08:02 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\es\ToshibaRegistration.resources.dll
[2008/01/11 03:08:20 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\fi\ToshibaRegistration.resources.dll
[2008/01/11 03:08:00 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\fr\ToshibaRegistration.resources.dll
[2008/01/11 03:08:36 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\hu\ToshibaRegistration.resources.dll
[2008/01/11 03:08:06 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\it\ToshibaRegistration.resources.dll
[2008/01/11 03:08:08 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\nl\ToshibaRegistration.resources.dll
[2008/01/11 03:08:22 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\no\ToshibaRegistration.resources.dll
[2008/01/11 03:08:24 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\pl\ToshibaRegistration.resources.dll
[2008/01/11 03:08:28 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\pt\ToshibaRegistration.resources.dll
[2008/01/11 03:08:10 | 000,124,304 | ---- | M] () -- \Program Files\Toshiba\Registration\ru\ToshibaRegistration.resources.dll
[2008/01/11 03:08:14 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\sv\ToshibaRegistration.resources.dll
[2008/01/11 03:08:30 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\tr\ToshibaRegistration.resources.dll
[2003/11/06 22:42:02 | 000,864,256 | ---- | M] () -- \Program Files\Ubisoft\Chessmaster Grandmaster Edition\Register\RegistrationReminder.exe
[2009/04/23 18:06:48 | 000,001,351 | ---- | M] () -- \ProgramData\Microsoft\Windows\GameExplorer\{9D4E5DDB-8A26-4076-A2A6-8F34C93C7025}\PlayTasks\3\Electronic Registration.lnk
[2009/10/31 16:40:45 | 000,000,315 | ---- | M] () -- \Users\Ado\AppData\Roaming\Adobe\com.adobe.330.ALL.registration
[2009/04/23 18:06:48 | 000,001,351 | ---- | M] () -- \Users\All Users\Microsoft\Windows\GameExplorer\{9D4E5DDB-8A26-4076-A2A6-8F34C93C7025}\PlayTasks\3\Electronic Registration.lnk
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]
[2006/11/02 11:03:15 | 000,001,337 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-shell-registration_31bf3856ad364e35_6.0.6000.16386_none_bf75ea98a3f05594.manifest
[2006/11/02 13:33:38 | 000,004,263 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-t..client-registration_31bf3856ad364e35_6.0.6000.16386_none_795b3df162d03137.manifest
[2006/11/02 11:06:46 | 000,009,386 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-xwizards-registration_31bf3856ad364e35_6.0.6000.16386_none_16e20c08ebb573de.manifest

< *Office 2010* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-14 10:15:58

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011/11/14 11:43:59 | 000,000,512 | ---- | M] () MD5=EB5BAFACF113AF9D61442A3C87D0F783 -- C:\PhysicalMBR.bin

< End of report >

HopemZabar · #7 Příspěvek od **HopemZabar** » 14 lis 2011 13:02

OTL Extras logfile created on: 14. 11. 2011 11:39:59 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ado\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,25 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 62,92% Memory free
6,72 Gb Paging File | 5,64 Gb Available in Paging File | 83,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,15 Gb Total Space | 54,69 Gb Free Space | 29,38% Space Free | Partition Type: NTFS
Drive E: | 184,99 Gb Total Space | 113,57 Gb Free Space | 61,39% Space Free | Partition Type: NTFS

Computer Name: ADO-PC | User Name: Ado | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\\setup.exe" = D:\\setup.exe:*:Enabled:@xpsp2res.dll,-22019

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1022B3FC-66C3-47A1-823C-E21292688B9E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=zdieľanie súborov a tlačiarní (služba zaraďovača – rpc-epmap) |
"{107EE05B-8765-499E-B89B-D3058296F107}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{177FE30B-783C-46B2-B62E-D96524F0C7CA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19398159-028E-440D-B3AA-E300BEA83BC0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{1FC97530-042E-462A-8F43-FCF8039BBD28}" = lport=139 | protocol=6 | dir=in | app=system |
"{2A11602B-623C-4914-9445-253AEEDA1CDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B1A0E08-51D2-4B27-B84A-BC5135477DB4}" = rport=139 | protocol=6 | dir=out | app=system |
"{2CB8D250-4122-40C5-B761-F2073A125ED6}" = lport=445 | protocol=6 | dir=in | app=system |
"{4343A0BE-46ED-4977-840D-4F639B5653F8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4604727D-74CA-4D2F-A51A-798049A992F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{47ECAEA4-1805-4BDD-BC39-B866FC62044A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CEB1D20-744C-4D19-AAC8-823F31804BEB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6815ACF7-7BA3-4F11-9D59-367314051DA0}" = rport=137 | protocol=17 | dir=out | app=system |
"{6E378257-CBCA-45C6-81DD-9514EFB2CC48}" = lport=10243 | protocol=6 | dir=in | app=system |
"{70156FCD-D75B-4AF9-BF91-F89083B034CF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7E05E768-29C8-4DA1-99B8-7F730F3600EE}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8F72CD5C-3872-42F3-9FAB-B6BE34793A76}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{91949A44-C47E-43D7-B1CD-D894789CFEA3}" = lport=137 | protocol=17 | dir=in | app=system |
"{9693B2A6-3360-40DE-8F83-37376FA3C368}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{990FA08F-E764-4928-9623-CB354CF3A6F6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B4FD395D-51AD-4E93-A55C-1469E274F4B3}" = rport=138 | protocol=17 | dir=out | app=system |
"{C9E162B2-3B8B-4D4E-910B-5982502E330F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CAD19366-BDC3-4E2F-9307-9AACF3696D5E}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{D0A0AE68-5C28-4125-A026-6715AEB22D69}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED284FF2-9601-423A-9BD9-66F8BD8D5B68}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F2742420-A0F8-4F7A-8994-84A8D702E56E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F5B542E7-1495-4B6A-913D-9E7743665ABB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F69A7332-D7D9-4BF4-852D-14D3C3E14D8A}" = rport=445 | protocol=6 | dir=out | app=system |
"{FBC84E3F-7825-4721-902A-BA790E5632DE}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01EAD709-724C-4ECA-ADC6-D8F1570C1F5B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{07054181-D7DA-4188-92AD-37F175DFAD68}" = protocol=1 | dir=out | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv4 - odchádzajúce prenosy) |
"{0C6FBE9A-4384-43D4-A566-73994ECEACE4}" = protocol=6 | dir=out | app=system |
"{0CBFDA92-34DD-42E0-A91A-FCA73FD6CB98}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{10EBFE09-EA88-41DF-89D1-1684A010895F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{12B01608-E328-44A8-B394-E39253BC581A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{15846855-2235-465C-A3CA-308FE4B6BF4F}" = protocol=58 | dir=out | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv6 - odchádzajúce prenosy) |
"{1EB3B1B8-776F-4E52-B8BA-CDE0D20BCD36}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{2958D9A8-2BED-4817-934A-0C898EEC51FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2BA1BB04-933F-4BA1-8136-107CF911E628}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F8E4B76-4603-4478-86F6-9DE2F1675D95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{328026B2-3398-4985-8A37-042F73F7B426}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{358E8FB6-12E2-4923-9528-E29BEC804F88}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{365A1787-CB18-4CAB-8F59-629F0A953B5C}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{377A1050-DB2C-4686-A58D-9FA349C3DA66}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{3A74766B-0763-47C3-825D-9F6240220379}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{3C46D547-38AC-4A20-820A-51A0B720909D}" = protocol=58 | dir=in | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv6 - prichádzajúce prenosy) |
"{454BB6DF-1BDA-4479-873B-0D2771C4E74F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{485FBDAD-F99A-4A78-9ACE-DA3D2D6DE3D9}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{5EB3911C-A9E3-40D1-B847-B246AEFC3445}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6C5051F4-AA16-4411-86D6-EFA371BBB09A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{6DA3372D-ECE7-43BA-AF89-C57DB2D03D91}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7007D5B4-06E0-4160-8136-9F2DADCC17C8}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{782E3356-9E86-4750-A28A-221EBA480C93}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{7BCDC97C-68A9-422D-86C5-414DBCF76DFD}" = protocol=1 | dir=in | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv4 - prichádzajúce prenosy) |
"{7FC0F71B-5D14-4BD4-839E-A405D9875052}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8161FFFD-1C09-4870-9F06-87AB6DB1FF63}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{83BA3543-D979-48AE-ABCE-DF6EB2BD7561}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8762E9BE-2E04-43C9-A8E1-4A1CF207B06E}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{96B69633-6FFD-43BE-8169-7A73589043A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A7896A3D-F9BA-4061-9C41-F96F0741C28E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AF328B8C-12B4-4828-B34D-709B7AEC4E93}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B263EB24-C115-4090-8041-3101A130EA1A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B93CAD24-B303-4CBB-97F1-CD70D771AEF1}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{C5CAD094-CF63-4A5D-BFA8-65BD20767978}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DE7E9176-5AB2-4CF6-94B2-10ED6EEAD715}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{EA86B3FE-AD95-45C7-B472-6567D6AA9FE5}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"TCP Query User{094F445E-6166-42E6-8DA6-C9B232FB6E6E}C:\program files\onwind\zu-online\zuonline.exe" = protocol=6 | dir=in | app=c:\program files\onwind\zu-online\zuonline.exe |
"TCP Query User{09502712-D6E7-49DC-95B2-92DCB22D6AC6}C:\users\ado\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\ado\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{189328A8-25D5-4A73-A4C2-D26C6EF318E4}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{313AC64D-CD47-4653-9425-18A03DA56789}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{351EA593-726C-4F48-9A05-628E9FB43FDE}C:\program files\swapper\swapper.exe" = protocol=6 | dir=in | app=c:\program files\swapper\swapper.exe |
"TCP Query User{46F6A436-E8BC-406A-866B-BD8583A226E9}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{4EE2A652-34D2-447D-8653-F85E566CB243}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{54CEB942-AFDC-4CC5-9B3D-8B1F78409DBB}C:\users\ado\documents\downloads\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe" = protocol=6 | dir=in | app=c:\users\ado\documents\downloads\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe |
"TCP Query User{676B5455-D3F5-4EA5-AFDC-DBBBF503DDB9}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{8293D6DB-D483-41E2-BD89-4032D28E658F}C:\program files\onwind\zu-online\bt_update.exe" = protocol=6 | dir=in | app=c:\program files\onwind\zu-online\bt_update.exe |
"TCP Query User{8C9AC066-1433-4784-90E0-9909703F581B}C:\users\ado\documents\downloads\wowclient-downloader.exe" = protocol=6 | dir=in | app=c:\users\ado\documents\downloads\wowclient-downloader.exe |
"TCP Query User{A4FB086E-82F1-4F92-BCF3-B8CEB6464AED}C:\users\ado\documents\downloads\mwodownloaderbuild0910.exe" = protocol=6 | dir=in | app=c:\users\ado\documents\downloads\mwodownloaderbuild0910.exe |
"TCP Query User{AE57BB7A-BF53-4A8B-A2C9-160950B640E0}C:\program files\2k sports\nba 2k10\nba2k10.exe" = protocol=6 | dir=in | app=c:\program files\2k sports\nba 2k10\nba2k10.exe |
"TCP Query User{AE6D5DA9-42CD-4A3E-822F-D7D8D1DB3DEB}C:\users\ado\documents\downloads\keygen.ulead.video.studio.11.plus.exe" = protocol=6 | dir=in | app=c:\users\ado\documents\downloads\keygen.ulead.video.studio.11.plus.exe |
"TCP Query User{C52C430B-4F67-438C-9B41-2A1976999385}C:\users\ado\documents\downloads\wow-burningcrusade-enus-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\ado\documents\downloads\wow-burningcrusade-enus-installer-downloader.exe |
"TCP Query User{CCA421BE-7C62-4C03-8D06-C78A82FA9B17}C:\users\ado\saved games\nintendo\emulators\nesterj 0.22c nes emulator\nnnesterj.exe" = protocol=6 | dir=in | app=c:\users\ado\saved games\nintendo\emulators\nesterj 0.22c nes emulator\nnnesterj.exe |
"TCP Query User{D15886AF-3E81-4589-A957-957EE3AD225C}C:\users\ado\saved games\cstrike\hl.exe" = protocol=6 | dir=in | app=c:\users\ado\saved games\cstrike\hl.exe |
"TCP Query User{E8DE30B3-9C8F-4E9F-9934-8B6F48CE01BF}C:\users\ado\appdata\local\temp\9a7b0306f11c408a880aa772a3f933f1\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\ado\appdata\local\temp\9a7b0306f11c408a880aa772a3f933f1\relicdownloader.exe |
"UDP Query User{28988F9A-B431-4D7D-B2DC-8A8691541ACB}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{31F6AE62-8CD4-422D-995A-5458FEB5F5A1}C:\program files\onwind\zu-online\bt_update.exe" = protocol=17 | dir=in | app=c:\program files\onwind\zu-online\bt_update.exe |
"UDP Query User{33B09AD9-669D-4406-9FEA-3E42F40359E5}C:\users\ado\saved games\nintendo\emulators\nesterj 0.22c nes emulator\nnnesterj.exe" = protocol=17 | dir=in | app=c:\users\ado\saved games\nintendo\emulators\nesterj 0.22c nes emulator\nnnesterj.exe |
"UDP Query User{3E352064-28C9-46DA-B6D7-18A2EFA42393}C:\program files\swapper\swapper.exe" = protocol=17 | dir=in | app=c:\program files\swapper\swapper.exe |
"UDP Query User{43089393-74C1-4D75-BFD0-F5C4C0FA9E51}C:\program files\2k sports\nba 2k10\nba2k10.exe" = protocol=17 | dir=in | app=c:\program files\2k sports\nba 2k10\nba2k10.exe |
"UDP Query User{45719F64-6655-4A68-90A0-435421462644}C:\users\ado\documents\downloads\keygen.ulead.video.studio.11.plus.exe" = protocol=17 | dir=in | app=c:\users\ado\documents\downloads\keygen.ulead.video.studio.11.plus.exe |
"UDP Query User{4793E9AC-E5AD-4435-9847-CBA558A3C2F0}C:\users\ado\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\ado\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{72C443A4-314E-4EDF-8FB5-2DCAB75291FF}C:\users\ado\documents\downloads\mwodownloaderbuild0910.exe" = protocol=17 | dir=in | app=c:\users\ado\documents\downloads\mwodownloaderbuild0910.exe |
"UDP Query User{8D5F83A7-B076-4C20-BF2E-58A016ADEFBC}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{A09945ED-4C73-4AB9-98AD-6D19A188515C}C:\program files\onwind\zu-online\zuonline.exe" = protocol=17 | dir=in | app=c:\program files\onwind\zu-online\zuonline.exe |
"UDP Query User{C1E6B1BE-EA12-4E0C-A3D4-6CDE9D21E65C}C:\users\ado\documents\downloads\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe" = protocol=17 | dir=in | app=c:\users\ado\documents\downloads\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe |
"UDP Query User{C448226D-C3B9-450A-BA10-ED3D648A9D9C}C:\users\ado\documents\downloads\wowclient-downloader.exe" = protocol=17 | dir=in | app=c:\users\ado\documents\downloads\wowclient-downloader.exe |
"UDP Query User{CB263B7E-DF35-4449-8BF8-B3369F43B363}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{CE9A9409-7622-433B-8BB3-B95B55D73DBA}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{D67D85E9-5108-4DDB-AA88-BDF34C9A3D5B}C:\users\ado\documents\downloads\wow-burningcrusade-enus-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\ado\documents\downloads\wow-burningcrusade-enus-installer-downloader.exe |
"UDP Query User{D7CBBB76-0FD7-4C94-A4B7-D23B7DFD2FC6}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{E3455F9F-D631-4499-A4EE-0DA33AE74DEA}C:\users\ado\saved games\cstrike\hl.exe" = protocol=17 | dir=in | app=c:\users\ado\saved games\cstrike\hl.exe |
"UDP Query User{E65E14FB-371A-4852-849B-BFC02EF3DF1C}C:\users\ado\appdata\local\temp\9a7b0306f11c408a880aa772a3f933f1\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\ado\appdata\local\temp\9a7b0306f11c408a880aa772a3f933f1\relicdownloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0588F90A-25C8-2920-6A9F-00B4A8D95933}" = Skins
"{05E97B10-EE77-4F7F-D3EB-A472AD267054}" = Catalyst Control Center Graphics Previews Vista
"{0690F2C9-F852-FA10-2921-483B33F7FBC2}" = Catalyst Control Center Localization Spanish
"{06FB62F9-9B05-9672-EC1A-6A8E89B6CED6}" = CCC Help Danish
"{094263D8-A1FB-1AC3-D854-8993E1328EB6}" = Catalyst Control Center Localization Japanese
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10DF81B5-521A-A9BC-55DC-150C61C9B984}" = Catalyst Control Center Localization Finnish
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1AD850C6-BA64-720E-2A11-C8EF89C0E35F}" = Catalyst Control Center Localization French
"{1ED0719A-151E-7927-B590-47E319C93DB5}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{243FFAF6-C159-BA4F-518D-4190F48F01B4}" = Catalyst Control Center Localization German
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition
"{27C153B7-53C6-4DE2-B497-2C8E16A48100}" = Catalyst Control Center Localization Czech
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{32257226-A2E2-F0F1-AC98-767B00FC2B83}" = Catalyst Control Center Localization Turkish
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{32C45A1B-968E-4D77-6A17-6C560FC3EBCF}" = Catalyst Control Center Localization Korean
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{410DAB8E-8A08-3D8A-78B1-71BEE6C9EC8A}" = Catalyst Control Center InstallProxy
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{43FFE159-3199-4188-A1CD-629166AD1051}" = Nero 7 Ultra Edition
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A31C596-64D5-4613-83FD-D655A421588C}" = ESET Smart Security
"{4A5E6AE3-8748-662F-2B9A-E1B290493E17}" = CCC Help Russian
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4CF6A677-AA75-DD30-2A6A-3F9FD07309D9}" = Catalyst Control Center Localization Italian
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018302}" = Fable III
"{4E416B08-E8E1-8E43-4FDE-2E0F1892069D}" = Catalyst Control Center Localization Chinese Traditional
"{55BE6265-7D91-B82D-2E74-010E7A49930A}" = CCC Help Turkish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57254F87-57E8-CDAD-E9CA-601960937C91}" = Catalyst Control Center Graphics Full Existing
"{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}" = Splash Lite
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EC13585-DF84-BEE9-9E98-69707B4E26A4}" = CCC Help Spanish
"{71825395-E8E4-7DF8-76EB-7828537A0FCF}" = CCC Help Swedish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{7B5A0DE8-857C-ED8D-EF07-6231D0D6974A}" = Catalyst Control Center Localization Chinese Standard
"{7BB2A09D-24DA-C182-CE8A-4626061F6B14}" = Catalyst Control Center Localization Dutch
"{809A3BCA-2B18-4B8D-A0DB-3AE01BCFAB4F}" = Hama Whitestorm Pad
"{812183D0-0120-913B-B723-6C42D330294E}" = CCC Help German
"{81BD4CFD-C287-FABA-7562-48DFA7257E75}" = Catalyst Control Center Localization Danish
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{858C0C8C-1C7D-E5AB-E82F-297B0819131A}" = CCC Help Greek
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{895E2C31-EF1F-CA16-9929-C5EF761BD439}" = CCC Help Norwegian
"{8A48BB1D-D532-70D7-13DD-0866BBD7C734}" = Catalyst Control Center Localization Norwegian
"{8CB3B71F-76B0-2F88-80DC-05072E0A34B3}" = CCC Help Dutch
"{8E709BFD-D83A-5BCA-F6F4-5D32D4F3CD7E}" = CCC Help English
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90ADBA4A-DFEF-7B96-08D5-149976BF607C}" = Catalyst Control Center Graphics Light
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{98F91AF3-74BB-46E3-A9B7-48EED309C3C2}" = Catalyst Control Center - Branding
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CAFB62E-6726-6216-95E1-79D8B3AC2A0D}" = Catalyst Control Center Localization Thai
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Akustický tlmič jednotky CD/DVD
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3C3AD3B-87E8-E9AC-EEA7-B59ECD0B7644}" = CCC Help Finnish
"{A97B1473-120F-30F0-9B8C-63DBFF880099}" = CCC Help French
"{AA8BF875-3345-CD10-4944-B65408E45604}" = Catalyst Control Center Localization Greek
"{AC76BA86-7AD7-1051-7B44-A81200000003}" = Adobe Reader 8 - Slovak
"{AF00A29C-21C5-641E-D1CE-6CDF3CC84869}" = ccc-utility
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5AE11CE-14A9-B335-33EA-264BE8BCEC45}" = CCC Help Thai
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B64FC659-36E1-9F6B-3561-FB926B83784D}" = ATI Catalyst Install Manager
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7C80659-541B-E337-DA18-096D106C2247}" = CCC Help Hungarian
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB9986E2-A080-CD10-48EC-D7E3975166A1}" = CCC Help Japanese
"{BEC7BDC8-7A83-4312-9340-1ECDF06C1434}" = Microsoft Works
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C72CB11D-3079-3738-44FA-90750306B639}" = CCC Help Italian
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDD244BD-94BF-8D1A-00BC-62F2AA48F738}" = ccc-core-static
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0D9E0A5-4430-8149-9DD9-64437AE77CD8}" = Catalyst Control Center Localization Swedish
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.3.313
"{DD30361F-5644-CDEA-1529-F717616196F1}" = CCC Help Portuguese
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EA11DF13-96E7-1170-32A1-B5ED55F24B65}" = CCC Help Chinese Traditional
"{EBDFE371-668B-7928-1646-D39AFD6E55E6}" = CCC Help Korean
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{ED8C50BF-6F2F-E959-E50B-413AB71C83EB}" = Catalyst Control Center Localization Polish
"{EE30EACC-EA25-B6C2-2318-3924A206F874}" = CCC Help Czech
"{EE5F5205-450F-49FD-4032-858375704CAE}" = CCC Help Polish
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F2575A26-382B-9298-9FC6-8A72B3E8947D}" = Catalyst Control Center Localization Hungarian
"{F7FE0D89-25DA-B752-1629-560369ED9BAD}" = Catalyst Control Center Localization Portuguese
"{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager
"{F89BC188-8EEB-4867-BA48-7AA5E43B184A}" = Manuály TOSHIBA
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FCE188-6866-3E0D-0AFB-B8652F5CE50C}" = Catalyst Control Center Graphics Full New
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9E353F8-EA68-F15C-2473-CD0CA255D15B}" = CCC Help Chinese Standard
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FECAEDC1-7579-AFA5-F026-F3EB09A15136}" = Catalyst Control Center Localization Russian
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17091)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AllFive XP_is1" = AllFive XP
"aTube Catcher" = aTube Catcher
"CCleaner" = CCleaner
"CS Codec Solution_is1" = CS Codec Solution 1.10
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"iWisoft Free Video Converter_is1" = iWisoft Free Video Converter 1.2
"Lara Croft and the Guardian of Light_is1" = Lara Croft and the Guardian of Light
"MagicDisc 2.5.79" = MagicDisc 2.5.79
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Update Engine" = Sony Ericsson Update Engine
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-680335954-692640338-3888189223-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26. 10. 2010 21:18:38 | Computer Name = Ado-PC | Source = WinMgmt | ID = 10
Description =

Error - 26. 10. 2010 21:23:40 | Computer Name = Ado-PC | Source = VSS | ID = 8194
Description =

Error - 27. 10. 2010 7:22:13 | Computer Name = Ado-PC | Source = WinMgmt | ID = 10
Description =

Error - 27. 10. 2010 7:26:05 | Computer Name = Ado-PC | Source = VSS | ID = 8194
Description =

Error - 27. 10. 2010 18:37:42 | Computer Name = Ado-PC | Source = WinMgmt | ID = 10
Description =

Error - 27. 10. 2010 18:43:13 | Computer Name = Ado-PC | Source = VSS | ID = 8194
Description =

Error - 28. 10. 2010 5:22:56 | Computer Name = Ado-PC | Source = WinMgmt | ID = 10
Description =

Error - 28. 10. 2010 5:25:23 | Computer Name = Ado-PC | Source = WinDefendRtp | ID = 3003
Description = %%827 Real-Time Protection checkpoint has encountered an error and
failed to start. User: Ado-PC\Ado Checkpoint ID: 7 Error Code: 0x80070020 Error description:
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.

Error - 28. 10. 2010 17:07:34 | Computer Name = Ado-PC | Source = WinMgmt | ID = 10
Description =

Error - 28. 10. 2010 18:38:51 | Computer Name = Ado-PC | Source = EventSystem | ID = 4621
Description =

[ System Events ]
Error - 6. 10. 2011 12:55:31 | Computer Name = Ado-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 18:50:54 on 6. 10. 2011 was unexpected.

Error - 23. 10. 2011 2:07:46 | Computer Name = Ado-PC | Source = Print | ID = 19
Description = Službe zaraďovača tlače sa nepodarilo zdieľať tlačiareň Odoslať do
programu OneNote 2007 s názvom zdieľaného prostriedku Odoslať do programu OneNote
2007. Chyba 2114. Tlačiareň nemôžu používať iní používatelia v sieti.

Error - 25. 10. 2011 17:54:39 | Computer Name = Ado-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.2.4 for the Network Card with network
address 0024D200FB09 has been denied by the DHCP server 192.168.2.1 (The DHCP Server
sent a DHCPNACK message).

Error - 25. 10. 2011 17:54:38 | Computer Name = Ado-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 26. 10. 2011 2:50:53 | Computer Name = Ado-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 26. 10. 2011 8:18:33 | Computer Name = Ado-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.2.5. The computer with the IP address 192.168.2.3 did not
allow the name to be claimed by this computer.

Error - 28. 10. 2011 0:36:27 | Computer Name = Ado-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 30. 10. 2011 1:51:55 | Computer Name = Ado-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 9. 11. 2011 11:29:44 | Computer Name = Ado-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 10. 11. 2011 5:22:34 | Computer Name = Ado-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:20:31 on 10. 11. 2011 was unexpected.

< End of report >

#8 Příspěvek od **Mc_Murphy** » 14 lis 2011 13:40

Vzhledem k tomu, že používáš nelegální software

se nedivím, že jsi návštěvníkem našeho fóra.

Dle pravidel fóra (viz zde a zde bod č.3) se však nelegálním software nezabýváme, jelikož nelegální programy jsou většinou zdrojem havěti. Navíc tím porušuješ i autorská práva Obrázek

, pácháš trestný čin a ten, jako takový, nebude naším fórem podporován! Uvědom si, že jsi na bezpečnostním fóru - podpora warezu (zvláště operačních systémů a bezpečnostních programů) by byla zcela proti logice fóra.

Rád bych věděl, jak je na tom systém, taky cracknutý?

HopemZabar · #9 Příspěvek od **HopemZabar** » 14 lis 2011 13:57

System je original, ak prekaza ten antivir alebo nieco ine, kludne to dam prec... ak to teda pomoze

#10 Příspěvek od **Mc_Murphy** » 14 lis 2011 14:12

OK tedy.

Odeber nelegální ESET ze systému, stejně jako další cracknuté programy, ESET nahraď nějakým free řešením dle Tvého výběru - AVAST! FREE Antivirus nebo AVIRA ANTIVIR Personal a pak mi sem hoď nové logy z OTL se scriptem podle předešlého návodu.

HopemZabar · #11 Příspěvek od **HopemZabar** » 14 lis 2011 17:14

Neviem preco, ale log mi teraz ukazalo iba jeden

OTL logfile created on: 14. 11. 2011 15:42:00 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ado\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,25 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 46,01% Memory free
6,72 Gb Paging File | 4,97 Gb Available in Paging File | 73,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,15 Gb Total Space | 61,49 Gb Free Space | 33,03% Space Free | Partition Type: NTFS
Drive E: | 184,99 Gb Total Space | 114,25 Gb Free Space | 61,76% Space Free | Partition Type: NTFS

Computer Name: ADO-PC | User Name: Ado | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/11/14 11:35:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
PRC - [2011/10/19 16:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 16:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/07/13 00:34:05 | 007,704,216 | ---- | M] (Blizzard Entertainment) -- C:\Users\Public\Games\World of Warcraft\WoW.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/07/10 17:57:30 | 000,634,880 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/04/22 11:44:00 | 000,648,520 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2008/04/18 19:27:52 | 000,316,744 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2008/04/18 19:27:40 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2008/04/17 00:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/04/16 16:43:32 | 002,577,736 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2008/04/14 23:05:40 | 002,979,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/04/11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2008/04/08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/03/31 19:08:50 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2008/03/19 13:35:42 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008/01/21 03:24:37 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008/01/09 10:38:44 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/10/05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

========== Modules (No Company Name) ==========

MOD - [2010/04/29 11:24:42 | 000,413,696 | ---- | M] () -- C:\Users\Public\Games\World of Warcraft\DivxDecoder.dll
MOD - [2008/10/11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/08/08 02:03:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/03/06 10:14:54 | 005,121,912 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2007/12/25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2007/12/14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006/12/01 17:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll
MOD - [2006/10/10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 12:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005/07/22 21:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/07/10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/04/11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/30 00:35:40 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2006/10/05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - [2011/10/19 16:56:50 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 16:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 16:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/06/25 11:59:02 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/06/25 11:59:02 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/01/16 12:46:16 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/06/02 01:15:26 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/06/02 01:15:26 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008/08/19 21:01:44 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/08/08 02:04:00 | 003,885,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/08/08 02:04:00 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/07/28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/04/23 17:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/04/15 09:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/03/25 13:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 11:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/03/17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/27 19:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/02/15 18:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/22 20:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/18 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/09/05 00:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/08/31 17:43:32 | 000,020,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/07/30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 15:14:22 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45unic.sys -- (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM)
DRV - [2006/11/30 15:14:14 | 000,086,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45obex.sys -- (se45obex)
DRV - [2006/11/30 15:14:10 | 000,088,624 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mgmt.sys -- (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM)
DRV - [2006/11/30 15:14:10 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45nd5.sys -- (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS)
DRV - [2006/11/30 15:14:04 | 000,097,088 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mdm.sys -- (se45mdm)
DRV - [2006/11/30 15:14:04 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45mdfl.sys -- (se45mdfl)
DRV - [2006/11/30 15:13:56 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM)
DRV - [2006/11/28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/07/11 18:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005/01/07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEA

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-680335954-692640338-3888189223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ulozto.cz/
IE - HKU\S-1-5-21-680335954-692640338-3888189223-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://sk.darkorbit.com/?aid=1292&aig=22&aip=sup1_s"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.16749
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ado\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ado\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/09 17:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/09 17:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2009/05/23 14:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ado\AppData\Roaming\mozilla\Extensions
[2011/11/14 11:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions
[2011/11/10 17:01:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/23 23:53:25 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Ado\AppData\Roaming\mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/11/10 17:01:13 | 000,002,557 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default\searchplugins\askcom.xml
[2011/07/15 10:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/12 10:42:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/12 11:07:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/13 01:21:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/12 12:02:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/15 09:26:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/15 10:44:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009/05/23 14:36:33 | 000,000,000 | ---D | M] (Stahuj.cz) -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/04/09 17:41:06 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011/04/09 17:41:06 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011/04/09 17:41:06 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011/04/09 17:41:06 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011/04/09 17:41:06 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ado\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ado\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_JamesWhite = C:\Users\Ado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\

O1 HOSTS File: ([2011/09/20 09:25:51 | 000,437,852 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15062 more lines...
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55526FF5-4273-4464-9945-58B00690A785}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ado\Documents\Downloads\PhylissAnn_razielSurpassing.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ado\Documents\Downloads\PhylissAnn_razielSurpassing.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{96ff077a-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff077a-020a-11df-b471-001e3396a6d5}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{a202a486-286b-11e0-8a79-00037a9e6452}\Shell\AutoRun\command - "" = H:\USBNB.exe
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\AutoRun\command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\explore\Command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\open\Command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4dea1-a1c4-11de-bfe1-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{c0f4dea1-a1c4-11de-bfe1-001e3396a6d5}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e75deb43-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb43-0437-11df-9c32-001e3396a6d5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\Mpeg\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\Mpeg\ulmp3acm.acm (Ulead systems)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Windows\System32\I263_32.drv (Intel Corporation)
Drivers32: VIDC.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011/11/14 15:26:41 | 000,000,000 | ---D | C] -- C:\Users\Ado\AppData\Roaming\Avira
[2011/11/14 15:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/11/14 15:20:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/11/14 15:20:49 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/11/14 15:20:49 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011/11/14 15:20:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/11/14 15:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/11/14 11:35:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
[2011/11/13 00:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/11/13 00:18:01 | 000,000,000 | ---D | C] -- C:\rsit
[2009/10/06 08:45:30 | 007,993,160 | ---- | C] (Electronic Arts ) -- C:\Users\Ado\AppData\Roaming\nfssetup.exe
[2009/04/11 11:16:14 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Ado\AppData\Roaming\pcouffin.sys
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011/11/14 15:45:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/11/14 15:38:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000UA.job
[2011/11/14 15:21:07 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011/11/14 15:13:29 | 000,604,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 15:13:29 | 000,108,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 15:06:59 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 15:06:58 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 15:06:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 15:06:42 | 3487,391,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/14 11:35:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ado\Desktop\OTL.exe
[2011/11/12 06:56:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/10 22:42:14 | 000,002,072 | ---- | M] () -- C:\Users\Ado\Desktop\Google Chrome.lnk
[2011/11/10 20:38:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000Core.job
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/14 15:21:07 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011/11/14 11:43:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/04/20 11:47:26 | 000,000,000 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\wklnhst.dat
[2010/04/21 14:55:45 | 000,000,045 | -H-- | C] () -- C:\Windows\dvis3006.dat
[2010/04/02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/16 20:07:48 | 000,564,224 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2010/03/16 20:07:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/03/16 20:07:47 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/03/16 20:07:23 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/03/14 15:18:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2009/12/27 17:16:13 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/11/20 21:04:27 | 000,001,041 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\vso_ts_preview.xml
[2009/09/17 07:26:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/17 07:26:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/03 15:52:37 | 000,000,022 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009/09/03 15:52:37 | 000,000,014 | ---- | C] () -- C:\Windows\dswplug.ini
[2009/06/22 23:58:53 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/22 13:33:23 | 000,000,005 | ---- | C] () -- C:\Windows\sbacknt.bin
[2009/06/02 01:15:26 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/06/02 01:15:26 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/05/23 14:36:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/04/23 18:14:44 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009/04/23 18:14:43 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/04/23 18:14:36 | 000,183,112 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009/04/14 15:39:23 | 000,001,356 | ---- | C] () -- C:\Users\Ado\AppData\Local\d3d9caps.dat
[2009/04/13 08:41:47 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/04/11 11:16:14 | 000,087,608 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\inst.exe
[2009/04/11 11:16:14 | 000,007,887 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\pcouffin.cat
[2009/04/11 11:16:14 | 000,001,144 | ---- | C] () -- C:\Users\Ado\AppData\Roaming\pcouffin.inf
[2009/03/09 20:53:02 | 000,056,320 | ---- | C] () -- C:\Users\Ado\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/09 13:26:46 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/03/09 13:26:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/03/09 13:26:46 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/03/09 13:26:46 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009/03/09 12:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/11/21 10:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/11/21 10:05:51 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/11/21 10:05:51 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/11/21 10:05:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/11/21 10:05:51 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/11/21 10:05:51 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/11/21 10:05:51 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/11/21 09:27:27 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC1.dat
[2008/11/21 09:27:27 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2008/11/21 09:27:27 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/11/21 09:27:27 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/11/21 09:27:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/11/21 09:27:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/11/21 09:24:44 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/11/21 09:24:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/11/21 09:24:43 | 000,174,820 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/11/21 09:24:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/11/21 08:54:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/11/21 08:30:08 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/24 18:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008/04/24 18:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008/04/24 18:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008/04/24 18:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008/04/24 18:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008/04/24 18:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 002,325,888 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,604,764 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,108,096 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/07/20 21:07:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2006/07/10 17:54:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2005/10/15 13:25:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\myodbc3i.exe
[2005/10/15 13:25:20 | 000,011,776 | ---- | C] () -- C:\Windows\System32\myodbc3m.exe
[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2009/06/09 19:36:13 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\.#
[2009/05/23 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\.Torrent Swapper
[2009/12/01 11:32:59 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\2K Sports
[2009/04/06 16:34:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\aAvgApi
[2010/01/13 21:02:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\BitCometLite
[2009/04/23 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\DAEMON Tools Lite
[2010/03/17 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\ESET
[2010/05/13 07:31:13 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Facebook
[2009/12/30 21:39:29 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FlashGet
[2010/03/22 17:40:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\fltk.org
[2009/09/29 14:07:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FrostWire
[2009/04/23 18:07:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Leadertech
[2011/08/05 17:18:57 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Lionhead Studios
[2010/01/26 11:14:41 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\lowsec
[2011/01/31 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\MAGIX
[2011/05/27 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Mirillis
[2010/04/21 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\mojosoft
[2011/04/20 11:47:25 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Template
[2009/07/02 17:45:43 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\The Creative Assembly
[2009/03/13 10:43:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Toshiba
[2011/08/28 21:16:31 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\TS3Client
[2010/12/06 21:56:12 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Ubisoft
[2011/10/12 21:00:23 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\uTorrent
[2009/06/23 08:40:39 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\vghd
[2011/02/13 08:45:10 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\VitySoft
[2011/10/31 11:04:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Vso
[2010/04/21 19:52:55 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Zoner
[2011/11/14 15:05:49 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008/01/21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008/01/21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)

< MD5 for: ATAPI.SYS >
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/06/03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008/06/03 04:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008/06/03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008/06/03 04:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CSRSS.EXE >
[2008/01/21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008/01/21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: LSASS.EXE >
[2009/06/15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009/09/10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009/02/13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009/06/15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009/06/15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009/02/13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009/06/15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009/06/15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009/09/09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009/09/10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009/02/13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NTFS.SYS >
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008/01/21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SMSS.EXE >
[2008/01/21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/12/08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011/06/17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/12/08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011/06/17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008/01/21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006/11/02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
[2008/01/21 06:24:43 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\en-US\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

HopemZabar · #12 Příspěvek od **HopemZabar** » 14 lis 2011 17:15

< %systemroot%\system32\drivers\*.sys /X >
[2008/08/08 02:02:00 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2008/08/08 02:03:00 | 000,328,162 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.cpa
[2008/08/08 02:03:00 | 000,000,929 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.vp
[2008/08/08 02:03:00 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativdkxx.vp
[2008/08/08 02:03:00 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativokxx.vp
[2008/08/08 02:03:00 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativpkxx.vp
[2008/08/08 02:03:00 | 000,052,400 | ---- | M] () -- C:\Windows\system32\drivers\ativvpxx.vp
[2006/09/18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006/09/18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2008/01/21 03:23:51 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011/08/23 09:03:47 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2011/08/23 09:03:46 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2008/11/21 09:33:00 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010/05/12 10:52:47 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2009/03/31 17:07:05 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/11/18 09:28:22 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/04/14 11:22:47 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/11/18 09:28:52 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2008/01/18 17:45:30 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX0.dat
[2008/01/18 17:45:30 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX1.dat
[2008/02/04 20:00:56 | 000,000,176 | ---- | M] () -- C:\Windows\system32\drivers\RTHDAEQ0.dat
[2008/02/04 20:00:56 | 000,000,176 | ---- | M] () -- C:\Windows\system32\drivers\RTHDAEQ1.dat
[2008/01/18 17:45:30 | 000,000,852 | ---- | M] () -- C:\Windows\system32\drivers\RTKHDRC0.dat
[2008/01/18 17:45:30 | 000,000,852 | ---- | M] () -- C:\Windows\system32\drivers\RTKHDRC1.dat
[2009/03/09 12:52:49 | 000,000,000 | RHS- | M] () -- C:\Windows\system32\drivers\TOSHIBA_Satellite A300D_08451-SK_PSAHCE-01000.MRK

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/01/16 12:46:16 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011/11/14 15:06:58 | 000,003,744 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 15:06:59 | 000,003,744 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/12 06:56:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2011/11/14 15:13:29 | 000,108,096 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011/11/14 15:13:29 | 000,604,764 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011/11/14 15:13:29 | 000,716,862 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2009/06/09 19:36:13 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\.#
[2009/05/23 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\.Torrent Swapper
[2009/12/01 11:32:59 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\2K Sports
[2009/04/06 16:34:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\aAvgApi
[2011/11/14 14:28:19 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Adobe
[2009/10/18 09:39:59 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/09/24 16:31:45 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Ahead
[2010/03/16 20:07:37 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Apple Computer
[2011/11/14 15:26:41 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Avira
[2010/01/13 21:02:51 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\BitCometLite
[2009/04/23 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\DAEMON Tools Lite
[2010/04/13 22:21:53 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\dvdcss
[2010/03/17 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\ESET
[2010/05/13 07:31:13 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Facebook
[2009/12/30 21:39:29 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FlashGet
[2010/03/22 17:40:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\fltk.org
[2009/09/29 14:07:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\FrostWire
[2009/03/09 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Google
[2009/03/09 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Identities
[2009/03/09 13:04:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\InstallShield
[2009/04/23 18:07:08 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Leadertech
[2011/08/05 17:18:57 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Lionhead Studios
[2010/01/26 11:14:41 | 000,000,000 | -HSD | M] -- C:\Users\Ado\AppData\Roaming\lowsec
[2009/03/22 16:09:50 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Macromedia
[2011/01/31 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\MAGIX
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Media Center Programs
[2009/12/01 21:59:38 | 000,000,000 | --SD | M] -- C:\Users\Ado\AppData\Roaming\Microsoft
[2011/05/27 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Mirillis
[2010/04/21 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\mojosoft
[2009/05/23 14:36:54 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Mozilla
[2009/12/14 00:29:49 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\NCH Software
[2009/09/24 16:33:38 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Nero
[2009/04/23 19:53:56 | 000,000,000 | RH-D | M] -- C:\Users\Ado\AppData\Roaming\SecuROM
[2009/10/25 09:08:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\skypePM
[2011/04/20 11:47:25 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Template
[2009/07/02 17:45:43 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\The Creative Assembly
[2009/03/13 10:43:46 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Toshiba
[2011/08/28 21:16:31 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\TS3Client
[2010/12/06 21:56:12 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Ubisoft
[2011/10/12 21:00:23 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\uTorrent
[2009/06/23 08:40:39 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\vghd
[2011/02/13 08:45:10 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\VitySoft
[2010/03/12 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\vlc
[2011/10/31 11:04:15 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Vso
[2009/03/25 22:38:44 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\WinRAR
[2010/04/21 19:52:55 | 000,000,000 | ---D | M] -- C:\Users\Ado\AppData\Roaming\Zoner

< %APPDATA%\*.* >
[2009/11/20 21:03:45 | 000,087,608 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\inst.exe
[2010/01/27 09:56:51 | 007,993,160 | ---- | M] (Electronic Arts ) -- C:\Users\Ado\AppData\Roaming\nfssetup.exe
[2009/11/20 21:03:45 | 000,007,887 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\pcouffin.cat
[2009/11/20 21:03:45 | 000,001,144 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\pcouffin.inf
[2009/11/20 21:03:52 | 000,000,034 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\pcouffin.log
[2009/11/20 21:03:45 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Ado\AppData\Roaming\pcouffin.sys
[2011/10/31 11:04:14 | 000,001,041 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\vso_ts_preview.xml
[2011/04/20 11:47:26 | 000,000,000 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\wklnhst.dat

< %APPDATA%\*.exe /s >
[2009/11/20 21:03:45 | 000,087,608 | ---- | M] () -- C:\Users\Ado\AppData\Roaming\inst.exe
[2010/01/27 09:56:51 | 007,993,160 | ---- | M] (Electronic Arts ) -- C:\Users\Ado\AppData\Roaming\nfssetup.exe
[2010/05/13 07:31:13 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Ado\AppData\Roaming\Facebook\uninstall.exe
[2009/05/18 11:38:56 | 004,506,256 | ---- | M] (Lime Wire LLC) -- C:\Users\Ado\AppData\Roaming\FrostWire\.NetworkShare\LimeWireWin4.16.6.exe
[2009/10/18 10:41:19 | 000,003,584 | R--- | M] () -- C:\Users\Ado\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2010/12/22 16:40:32 | 000,012,611 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\Virtual DJ v7.0 PRO + Crack [ChattChitto RG].torrent
[2010/12/22 16:42:16 | 038,445,769 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\Virtual DJ v7.0 PRO + Crack [ChattChitto RG]\Virtual DJ v7.0 PRO + Crack [ChattChitto RG].exe
[1998/01/01 00:00:00 | 000,107,915 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\Hantro\Hantro_v3.3_full_cracked_18plus2.sis
[1996/12/24 20:32:00 | 000,131,088 | ---- | M] () -- \Users\Ado\Saved Games\Nintendo\NES ROMS\Crackout (U) (Prototype).nes

< *keygen* /s >
[2011/01/16 12:52:26 | 000,000,570 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\Lavalys.EVEREST.Ultimate.Edition.v4.50.1330.Multilingual.Keygen.Only-ViRiLiTY.torrent
[2003/01/20 00:59:34 | 000,041,472 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\Geopod\Geopod\keygen.exe
[2003/01/09 08:38:10 | 000,040,960 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\MGSkarting_cracked\karting\keygen.exe
[2002/12/26 11:19:42 | 000,040,960 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\MGS-Silverball_v1.60\Silverball_v1.60\keygen.exe
[2002/12/26 11:18:50 | 000,040,960 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\MVRPool\MVRPool\keygen.exe
[2003/01/07 11:37:36 | 000,039,936 | ---- | M] () -- \Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160\BIG_PACK_JAVA\BIG PACK JAVA\1000_Cell_Phone_Java_Games_Motorola\Tennis Maniac\keygen.exe

< *loader* /s >
[2011/10/19 16:56:26 | 000,047,568 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2011/10/19 16:56:26 | 000,234,448 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2011/10/19 16:56:27 | 001,715,152 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[8 \Program Files\Avira\AntiVir Desktop\*.tmp files -> \Program Files\Avira\AntiVir Desktop\*.tmp -> ]
[2007/03/12 12:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011/06/30 15:14:36 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2007/02/05 15:54:52 | 000,045,056 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.exe
[2006/03/20 11:43:36 | 000,000,273 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.ini
[2008/06/20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010/03/06 06:30:38 | 000,847,040 | ---- | M] () -- \Users\Ado\AppData\Roaming\Facebook\axfbootloader.dll
[2010/04/08 15:11:38 | 000,009,225 | ---- | M] () -- \Users\Ado\AppData\Roaming\Mozilla\Firefox\Profiles\1xrkzgt0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\content\scriptdownloader.js
[2009/10/28 09:32:10 | 014,592,024 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\102-miles_davis-freddie_freeloader.mp3
[2009/10/28 09:27:34 | 001,103,880 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\107-miles_davis-freddie_freeloader_(studio_sequence_1).mp3
[2009/10/28 09:27:35 | 002,138,823 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\108-miles_davis-freddie_freeloader_(false_start).mp3
[2009/10/28 00:23:15 | 002,120,484 | ---- | M] () -- \Users\Ado\Music\JAZZ\Miles Davis-Kind Of Blue (50th Anniversary Collectors Edition)(2008) [WwW.LoKoTorrents.Com]\109-miles_davis-freddie_freeloader_(studio_sequence_2)_(previously_unreleased).mp3
[2010/03/16 00:11:13 | 002,390,472 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe
[2011/08/09 07:28:57 | 000,002,394 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2010/04/29 11:24:40 | 001,077,904 | ---- | M] () -- \Users\Public\Games\World of Warcraft\BackgroundDownloader.exe
[2010/04/29 11:50:50 | 002,167,496 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.0-enUS-downloader.exe
[2010/04/29 12:19:11 | 002,379,336 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.0.10192-to-3.3.0.10958-enUS-downloader.exe
[2010/03/15 23:36:13 | 002,069,792 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe
[2010/03/15 23:38:59 | 002,067,232 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe
[2010/03/15 23:40:07 | 002,390,472 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe
[2010/04/29 12:37:13 | 002,336,072 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.0.10958-to-3.3.0.11159-enUS-downloader.exe
[2010/04/29 12:37:54 | 002,348,440 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.0.11159-to-3.3.2.11403-enUS-downloader.exe
[2010/05/13 07:51:31 | 002,651,696 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.2.11403-to-3.3.3.11685-enUS-downloader.exe
[2010/05/13 08:06:01 | 002,640,176 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.3.11685-to-3.3.3.11723-enUS-downloader.exe
[2010/07/13 00:27:14 | 002,711,328 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.3.11723-to-3.3.5.12213-enUS-downloader.exe
[2010/07/13 00:32:45 | 002,710,448 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-3.3.5.12213-to-3.3.5.12340-enUS-downloader.exe
[2011/08/09 07:28:36 | 002,067,706 | ---- | M] () -- \Users\Public\Games\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2010/04/29 11:22:29 | 000,003,026 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2010/04/29 11:22:29 | 000,004,261 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2008/11/21 10:21:57 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2006/07/20 21:07:50 | 000,053,248 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008/01/21 06:29:14 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/01/21 06:29:14 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008/01/21 06:29:14 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2009/09/17 12:42:02 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009/09/17 12:42:02 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009/09/17 12:42:02 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008/01/21 03:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008/02/29 08:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008/02/29 08:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008/02/29 11:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008/02/29 11:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008/02/29 11:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008/02/29 09:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008/02/29 11:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008/02/29 08:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008/02/29 08:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008/02/29 10:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008/02/29 11:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008/02/29 11:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008/02/29 08:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008/02/29 10:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008/01/21 06:23:06 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/02/29 08:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008/02/29 08:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008/01/21 03:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008/02/29 09:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008/02/29 08:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009/04/10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006/11/02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008/01/21 03:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Program Files\MiNODLogin\MiNODLoginUninst.exe
[2010/03/17 15:48:44 | 000,000,920 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\ESET Antivirus Licence Finder (MiNODLogin) 3.6.0.1.exe.torrent
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Users\Ado\Documents\Downloads\69laco-ESET\MiNODLogin\MiNODLogin\MiNODLoginUninst.exe
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Users\Ado\Documents\Downloads\MiNODLogin\MiNODLogin\MiNODLoginUninst.exe
[2011/10/25 23:21:06 | 118,819,232 | ---- | M] () -- \Users\Ado\Downloads\Eset-Smart-Security-5-CZ--64bit,32bit-+-MiNODLogin-3.9.8.1.zip
[2011/09/14 11:23:54 | 000,391,800 | ---- | M] () -- \Users\Ado\Downloads\Eset-Smart-Security-5-CZ--64bit,32bit-+-MiNODLogin-3.9.8.1\EsetSmartSecurity 5 CZ 64bit,32bit + MiNODLogin 3.9.8.1\MiNODLogin 3.9.8.1\MiNODLogin 3.9.8.1.exe
[2009/10/03 08:42:54 | 000,125,952 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLogin.exe
[2009/10/03 08:42:50 | 000,143,883 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLogin.jar
[2009/10/03 08:42:58 | 000,053,248 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLoginLib.dll
[2010/03/07 10:15:30 | 000,094,788 | ---- | M] () -- \Users\Ado\Downloads\Instalacky\MiNODLogin\MiNODLogin\MiNODLoginUninst.exe
[2011/11/09 08:31:25 | 000,030,732 | ---- | M] () -- \Windows\Prefetch\MINODLOGIN.EXE-C653F8E6.pf

< *tnod* /s >
[2006/09/06 17:33:50 | 000,114,688 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\afdwTextNode.dll

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/06/30 15:13:52 | 000,026,761 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio.win32.x86_2.10.2.0.jar
[2011/06/30 15:13:52 | 000,049,508 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio_2.11.7.13.jar
[2011/06/30 15:14:56 | 000,002,239 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.sonyericsson.cs.serialcommunication_2.11.7.13.jar
[2011/08/23 08:59:37 | 000,057,344 | ---- | M] () -- \ProgramData\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\7\1\.cp\lib\serialio.dll
[2009/06/02 01:52:49 | 000,000,029 | ---- | M] () -- \ProgramData\Tages\100663362\Serial.txt
[2008/02/21 18:19:56 | 000,051,622 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\smserial.inf
[2008/02/21 18:37:40 | 001,197,568 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\amd64\SmSerial.sys
[2008/02/21 18:29:00 | 001,092,608 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\x86\SmSerial.sys
[2010/04/09 14:55:15 | 000,000,024 | ---- | M] () -- \Users\Ado\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2011/09/20 09:00:04 | 000,016,216 | ---- | M] () -- \Users\Ado\AppData\Roaming\uTorrent\Nero 7 Premium Edition + Serial [1337x] [Ahmed] [Fast & Small].torrent
[2011/03/29 22:29:50 | 000,025,216 | ---- | M] () -- \Users\Ado\Downloads\Microsoft_Office_Enterprise_2007[Serial_Key_Included].5225806.TPB.torrent
[2011/09/20 09:00:04 | 000,016,216 | ---- | M] () -- \Users\Ado\Downloads\Nero_7_Premium_Edition___Serial_[1337x]_[Ahmed]_[Fast___Small].5358690.TPB.torrent
[2010/08/02 20:53:02 | 000,008,786 | ---- | M] () -- \Users\Ado\Downloads\epgp-5.5.19\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/08/02 20:53:02 | 000,000,216 | ---- | M] () -- \Users\Ado\Downloads\epgp-5.5.19\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2011/09/20 09:03:44 | 000,001,201 | ---- | M] () -- \Users\Ado\Downloads\Nero 7 Premium Edition + Serial [1337x] [Ahmed] [Fast & Small]\Serial\Serial.txt
[2011/08/23 08:59:37 | 000,057,344 | ---- | M] () -- \Users\All Users\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\7\1\.cp\lib\serialio.dll
[2009/06/02 01:52:49 | 000,000,029 | ---- | M] () -- \Users\All Users\Tages\100663362\Serial.txt
[2010/08/02 20:53:02 | 000,008,786 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/08/02 20:53:02 | 000,000,216 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010/04/02 22:39:12 | 000,009,066 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/04/02 22:39:12 | 000,000,219 | ---- | M] () -- \Users\Public\Games\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/10/22 07:46:39 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/15 06:35:26 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4b4c359912c1241246f50a4c47dbab3c\System.Runtime.Serialization.ni.dll
[2011/10/15 06:27:56 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f97b31da89858b85c70b4eb45bc91ace\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 06:02:46 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2011/10/16 06:03:00 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 06:08:45 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2011/10/15 05:52:14 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/15 05:52:10 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/15 05:52:23 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2004/07/15 13:31:54 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/04/12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2008/01/21 06:26:04 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\en-US\grserial.sys.mui
[2008/01/21 06:24:37 | 000,010,752 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2008/01/21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006/11/02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008/01/21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006/11/02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008/01/21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2008/01/21 06:24:26 | 000,005,632 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/09/17 12:42:09 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2009/09/17 12:42:09 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008/01/21 06:29:15 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7_serialui.dll.mui_7d29d2a3
[2009/09/17 12:42:30 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006/11/02 13:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008/01/21 03:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2009/04/10 23:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010/04/12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2010/04/12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2006/11/02 13:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2010/04/12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2010/04/12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2006/11/02 13:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008/01/21 03:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2009/04/10 23:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010/04/12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2010/04/12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2006/11/02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008/01/21 03:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009/04/10 23:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006/11/02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006/11/02 13:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008/01/21 03:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2009/04/10 23:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010/04/12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2010/04/12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2006/10/20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008/01/21 03:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2006/11/02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008/01/21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2009/02/18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010/04/12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2010/04/12 13:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2006/11/02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008/01/21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2010/04/12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2008/01/21 06:26:04 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_34b5f355d987afa1\serial.sys.mui
[2008/01/21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008/01/21 06:24:26 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7\serialui.dll.mui
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008/01/21 06:24:37 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_05d5abe6364bafaf\serial.sys.mui
[2008/01/21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2008/01/21 06:26:04 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_f75d56acd8933ebf\grserial.sys.mui
[2008/01/21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006/11/02 13:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008/01/21 03:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2010/04/12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *legalizator* /s >

< *registration* /s >
[2011/07/15 10:44:57 | 000,001,544 | ---- | M] () -- \Program Files\Java\jre6\lib\servicetag\registration.xml
[2008/01/11 03:07:52 | 000,574,864 | ---- | M] () -- \Program Files\Toshiba\Registration\ToshibaRegistration.exe
[2007/05/01 02:53:42 | 000,000,691 | ---- | M] () -- \Program Files\Toshiba\Registration\ToshibaRegistration.exe.config
[2008/01/11 03:08:40 | 000,050,576 | ---- | M] () -- \Program Files\Toshiba\Registration\ToshibaRegistrationCompletion.exe
[2008/01/11 03:08:34 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\cs\ToshibaRegistration.resources.dll
[2008/01/11 03:08:16 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\da\ToshibaRegistration.resources.dll
[2008/01/11 03:07:56 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\de\ToshibaRegistration.resources.dll
[2008/01/11 03:07:54 | 000,087,440 | ---- | M] () -- \Program Files\Toshiba\Registration\en\ToshibaRegistration.resources.dll
[2008/01/11 03:08:02 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\es\ToshibaRegistration.resources.dll
[2008/01/11 03:08:20 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\fi\ToshibaRegistration.resources.dll
[2008/01/11 03:08:00 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\fr\ToshibaRegistration.resources.dll
[2008/01/11 03:08:36 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\hu\ToshibaRegistration.resources.dll
[2008/01/11 03:08:06 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\it\ToshibaRegistration.resources.dll
[2008/01/11 03:08:08 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\nl\ToshibaRegistration.resources.dll
[2008/01/11 03:08:22 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\no\ToshibaRegistration.resources.dll
[2008/01/11 03:08:24 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\pl\ToshibaRegistration.resources.dll
[2008/01/11 03:08:28 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\pt\ToshibaRegistration.resources.dll
[2008/01/11 03:08:10 | 000,124,304 | ---- | M] () -- \Program Files\Toshiba\Registration\ru\ToshibaRegistration.resources.dll
[2008/01/11 03:08:14 | 000,116,112 | ---- | M] () -- \Program Files\Toshiba\Registration\sv\ToshibaRegistration.resources.dll
[2008/01/11 03:08:30 | 000,112,016 | ---- | M] () -- \Program Files\Toshiba\Registration\tr\ToshibaRegistration.resources.dll
[2009/04/23 18:06:48 | 000,001,351 | ---- | M] () -- \ProgramData\Microsoft\Windows\GameExplorer\{9D4E5DDB-8A26-4076-A2A6-8F34C93C7025}\PlayTasks\3\Electronic Registration.lnk
[2009/10/31 16:40:45 | 000,000,315 | ---- | M] () -- \Users\Ado\AppData\Roaming\Adobe\com.adobe.330.ALL.registration
[2009/04/23 18:06:48 | 000,001,351 | ---- | M] () -- \Users\All Users\Microsoft\Windows\GameExplorer\{9D4E5DDB-8A26-4076-A2A6-8F34C93C7025}\PlayTasks\3\Electronic Registration.lnk
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]
[2006/11/02 11:03:15 | 000,001,337 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-shell-registration_31bf3856ad364e35_6.0.6000.16386_none_bf75ea98a3f05594.manifest
[2006/11/02 13:33:38 | 000,004,263 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-t..client-registration_31bf3856ad364e35_6.0.6000.16386_none_795b3df162d03137.manifest
[2006/11/02 11:06:46 | 000,009,386 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-xwizards-registration_31bf3856ad364e35_6.0.6000.16386_none_16e20c08ebb573de.manifest

< *Office 2010* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-14 10:15:58

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
PENDINGFILERENAMEOPERATIONS REG_MULTI_SZ \??\C:\Users\Ado\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\index.dat\0\??\C:\Users\Ado\AppData\Roaming\MICROS~1\Windows\Cookies\index.dat\0\??\C:\Users\Ado\AppData\Roaming\MICROS~1\Windows\Cookies\Low\index.dat\0\??\C:\Users\Ado\AppData\Local\MICROS~1\Windows\History\History.IE5\index.dat\0\??\C:\Users\Ado\AppData\Local\Temp\_iu14D2N.tmp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\64bitProxy.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\addr_file.html\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aebb.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aecore.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aeemu.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aegen.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aehelp.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aeheur.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aelidb.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aeoffice.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aepack.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aerdl.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aesbx.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aescn.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aescript.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aeset.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aevdf.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\aevdf.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\antivir.oem\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\antivir0.rdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\apnic.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\apnstub.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\apntoolbarinstaller.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\AppRemover_64.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\AppRemover_API.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\AppRemover_CLI.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\AppRemover_EULA.txt\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\AppRemover_Excluded.txt\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avacl.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avadmin.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avarkt.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avbb.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avcenter.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avconfig.cpl\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avconfig.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avconfig.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avconfig64.cpl\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avesvc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avevtlog.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avghook.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avgio.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avgnt.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avguard.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avguard.xml\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avhlp.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avinet.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avipc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\AVManagerUnified.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avmres.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avnotify.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avpref.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avreg.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avreg.yml\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avrep.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avrestart.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avscan.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avscan.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avscplr.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avsda.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avsda64.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\AVSDKList.zip\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avsmtp.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avupgsvc.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avwebgrd.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avwebloader.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avwebloader.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avwebloadergui.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avwinll.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avwmi.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\avwsc.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\build.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccavscanex.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccev.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccevw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccgen.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccgenw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccgrdw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccguard.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\cchips.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\cclic.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\cclicw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccmsg.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccprofil.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccquamgr.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccquaw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccreport.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccrepow.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccscanw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccsched.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccschedw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccupdate.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccupdw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccwgrd.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccwgrdw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ccwkrlib.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\cfglib.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\default.wav\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\doSilent.txt\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\efc.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\about.htm\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\alertcat.htm\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\alerttyp.htm\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\alertvir.htm\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\alldiscs.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\alldrives.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\avconfigrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\avesvcr.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\avevtrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\avnotify.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\avscan.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\avwebgrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\avwin.chm\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccavscanexrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccevrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccgenrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccgrdrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\cchipsrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\cclicrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccmainrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccmsgrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccplg.xml\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccquarc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccreporc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccscanrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccscherc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccupdrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\ccwgrdrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\defaults.ini\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\eula.txt\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\factrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\folder.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\guardmsg.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\licmgr.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\lukeres.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\mydocs.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\prefix_msg.avr\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\process.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\prodinfo.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\produpd.avj\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\quicksysscan.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\rchelp.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\rcimage.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\rctext.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\readme.txt\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\restartrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\rmdiscs.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\rootkit.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\scanjob.avj\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\schedr.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\setup.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\setupprf.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\startupd.avj\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\sweb.zip\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\sysdir.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\sysscan.avp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\toolbar_eula.txt\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\updatemsg.avr\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\updaterc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\updguirc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\updjob.avj\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\webcatrc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\weblink.url\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\en-us\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\extdlgfw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\fact.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\filelist.ini\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gavid.xsl\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpavgio.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpevtlog.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpgavid.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpgen.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpgenrep.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpgrd.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpgui.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpipc.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gplegacy.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\gpschd.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\grdcore.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\guardgui.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\hbedv.key\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\imp64b.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\Impl_AntiphishingLib.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\Impl_AntivirusLib.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\Impl_FirewallLib.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\Impl_SoftwareProductLib.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\inetset.bin\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\inssda64.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\insthlp.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ipmgui.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\libdb44.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\license.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\licmgr.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\luke.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ManualUninstallConfig.zip\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\mgrs.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\Microsoft.VC80.CRT.manifest\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\msgclient.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\msvcp80.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\msvcr80.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\netnt.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\OESISCore.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\onlcfg.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\pinfo.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\pmap.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\presetup.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ProductReleaseNotes.zip\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\QATestedProducts.zip\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcNwLoad_de.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_en.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_es.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_fr.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_it.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_jp.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_ko.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_nl.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_pt.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_ru.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_tr.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_zhcn.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\rcnwload_zhtw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\redist.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\scewxmlw.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\sched.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\sched.xml\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\scpt.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\setup.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\shlext.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\shlext64.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\sqlite3.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ssmdrv.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\ssmdrv.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\tables.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\thorwac.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\unacev2.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\update.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\update.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\updext.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\updgui.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\updrgui.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase000.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase001.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase002.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase003.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase004.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase005.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase006.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase007.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase008.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase009.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase010.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase011.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase012.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase013.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase014.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase015.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase016.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase017.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase018.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase019.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase020.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase021.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase022.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase023.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase024.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase025.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase026.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase027.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase028.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase029.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase030.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vbase031.vdf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vcredist_x86.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avgntflt.cat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avgntflt.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avgntflt.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avipbb.cat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avipbb.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avipbb.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avipc64.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avkmgr.cat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avkmgr.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avkmgr.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\avshadow.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vista64\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\vmap.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\webcat.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\webcat0.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\webcat1.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\webcat2.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\webcat3.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\webcat4.dat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\wksstats.dll\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\wsctool.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avgntflt.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avgntflt.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avipbb.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avipbb.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avkmgr.cat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avkmgr.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avkmgr.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\avshadow.exe\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp64\avgntflt.cat\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp64\avgntflt.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp64\avgntflt.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp64\avipbb.inf\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp64\avipbb.sys\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp64\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\xp64\0\??\C:\Users\Ado\AppData\Local\Temp\RarSFX0\0\??\C:\Program Files\Avira\AntiVir Desktop\aecore.dll.tmp\0\??\C:\Program Files\Avira\AntiVir Desktop\aegen.dll.tmp\0\??\C:\Program Files\Avira\AntiVir Desktop\aehelp.dll.tmp\0\??\C:\Program Files\Avira\AntiVir Desktop\aeheur.dll.tmp\0\??\C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll.tmp\0\??\C:\Program Files\Avira\AntiVir Desktop\aepack.dll.tmp\0\??\C:\Program Files\Avira\AntiVir Desktop\aescript.dll.tmp\0\??\C:\Program Files\Avira\AntiVir Desktop\aevdf.dll.tmp

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011/11/14 15:45:39 | 000,000,512 | ---- | M] () MD5=EB5BAFACF113AF9D61442A3C87D0F783 -- C:\PhysicalMBR.bin

< End of report >

HopemZabar · #13 Příspěvek od **HopemZabar** » 14 lis 2011 17:16

Snad som odinstaloval vsetko, co bolo treba

#14 Příspěvek od **Mc_Murphy** » 14 lis 2011 18:52

Nevadí, budu vycházet i z původního logu.

Doporučuji odinstalovat Spybot - Search & Destroy. Program má svá nejlepší léta již dávno za sebou a není schopen čelit aktuálním hrozbám.

Obrázek

Máš havěť na USB discích!

Zapoj proto do PC všechny USB klíče (flashky, ext. disky apod.).

Stáhni a ulož na Plochu UsbFix.
Spusť a klikni na [Deletion].
Po dokončení sem vlož log. Pokud na Tebe nevyskočí, najdeš jej zde: C:\UsbFix.txt

A znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEA
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.16749
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Ado\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-680335954-692640338-3888189223-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O13 - gopher Prefix: missing
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\AutoRun\command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\explore\Command - "" = 8ng8w.com
O33 - MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}\Shell\open\Command - "" = 8ng8w.com
O33 - MountPoints2\{a202a486-286b-11e0-8a79-00037a9e6452}\Shell\AutoRun\command - "" = H:\USBNB.exe
O33 - MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{96ff077a-020a-11df-b471-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{c0f4dea1-a1c4-11de-bfe1-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{e75deb43-0437-11df-9c32-001e3396a6d5}\Shell - "" = AutoRun
O33 - MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}\Shell - "" = AutoRun
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[8 \Program Files\Avira\AntiVir Desktop\*.tmp files -> \Program Files\Avira\AntiVir Desktop\*.tmp -> ]

:Services
gusvc
NBService
NMIndexingService

:Reg
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cfFncEnabler.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDMICtrlMan]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetFxUpdate_v1.1.4322]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

:Files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-680335954-692640338-3888189223-1000Core.job
C:\Users\Ado\AppData\Roaming\uTorrent\Virtual DJ v7.0 PRO + Crack [ChattChitto RG].torrent /d
C:\Users\Ado\Downloads\Instalacky\Virtual DJ v7.0 PRO + Crack [ChattChitto RG] /d
C:\Users\Ado\Saved Games\128x160 java games [SE K310i]\128x160 java games [SE K310i]\2500_games_MEGA__PACK_JAVA_GAME_128x160 /d
C:\Users\Ado\AppData\Roaming\uTorrent\Lavalys.EVEREST.Ultimate.Edition.v4.50.1330.Multilingual.Keygen.Only-ViRiLiTY.torrent /d
C:\Program Files\MiNODLogin /d
C:\Users\Ado\AppData\Roaming\uTorrent\ESET Antivirus Licence Finder (MiNODLogin) 3.6.0.1.exe.torrent /d
C:\Users\Ado\Documents\Downloads\69laco-ESET /d
C:\Users\Ado\Documents\Downloads\MiNODLogin /d
C:\Users\Ado\Downloads\Eset-Smart-Security-5-CZ--64bit,32bit-+-MiNODLogin-3.9.8.1.zip /d
C:\Users\Ado\Downloads\Eset-Smart-Security-5-CZ--64bit,32bit-+-MiNODLogin-3.9.8.1 /d
C:\Users\Ado\Downloads\Instalacky\MiNODLogin /d
C:\Windows\Prefetch\MINODLOGIN.EXE-C653F8E6.pf /d
C:\Users\Ado\AppData\Roaming\uTorrent\Nero 7 Premium Edition + Serial [1337x] [Ahmed] [Fast & Small].torrent /d
C:\Microsoft_Office_Enterprise_2007[Serial_Key_Included].5225806.TPB.torrent /d
C:\Users\Ado\Downloads\Nero_7_Premium_Edition___Serial_[1337x]_[Ahmed]_[Fast___Small].5358690.TPB.torrent /d
C:\Users\Ado\Downloads\Nero 7 Premium Edition + Serial [1337x] [Ahmed] [Fast & Small] /d
C:\Users\Ado\AppData\Roaming\ESET
%windir%\*.tmp /s
%windir%\system32\SET*.tmp /s
%windir%\system32\*.tmp.dll /s

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

HopemZabar · #15 Příspěvek od **HopemZabar** » 14 lis 2011 19:58

zatial USB fix

############################## | UsbFix 7.059 | [Deletion]

User: Ado (Administrator) # ADO-PC [TOSHIBA Satellite A300D]
Updated 16/09/2011 by El Desaparecido
Started at 19:49:16 | 14/11/2011
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

CPU: AMD Turion(tm) X2 Ultra Dual-Core Mobile ZM-82
CPU 2: AMD Turion(tm) X2 Ultra Dual-Core Mobile ZM-82
Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 9.0.8112.16421

Windows Firewall: Enabled
RAM -> 3325 Mb
C:\ (%systemdrive%) -> Fixed drive # 186 Gb (62 Mb free - 33%) [Vista] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 185 Gb (114 Mb free - 62%) [Data] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 2 Gb (1 Mb free - 60%) [] # FAT
H:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Removable drive # 2 Gb (54 Mb free - 3%) [PHONE CARD] # FAT

################## | Files # Infected Folders |

Deleted ! C:\Users\Ado\AppData\Roaming\inst.exe
Deleted ! C:\Users\Ado\AppData\Roaming\nfssetup.exe
Deleted ! C:\Users\Public\NTUSER.DAT{08ef49cb-5bde-11de-b9db-00037a9e6452}.TM.blf
Deleted ! C:\Users\Public\NTUSER.DAT{08ef49cb-5bde-11de-b9db-00037a9e6452}.TMContainer00000000000000000001.regtrans-ms
Deleted ! C:\Users\Public\NTUSER.DAT{08ef49cb-5bde-11de-b9db-00037a9e6452}.TMContainer00000000000000000002.regtrans-ms
Deleted ! C:\Users\Public\NTUSER.DAT{d69cb107-1ec6-11de-8c6c-00037a9e6452}.TM.blf
Deleted ! C:\Users\Public\NTUSER.DAT{d69cb107-1ec6-11de-8c6c-00037a9e6452}.TMContainer00000000000000000001.regtrans-ms
Deleted ! C:\Users\Public\NTUSER.DAT{d69cb107-1ec6-11de-8c6c-00037a9e6452}.TMContainer00000000000000000002.regtrans-ms
Deleted ! C:\Users\Ado\AppData\Roaming\lowsec
Deleted ! C:\Windows\system32\lowsec
Deleted ! C:\$RECYCLE.BIN\S-1-5-20
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-680335954-692640338-3888189223-1000
Deleted ! E:\$RECYCLE.BIN\S-1-5-20
Deleted ! E:\$RECYCLE.BIN\S-1-5-21-680335954-692640338-3888189223-1000

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKLM\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{1f990e72-8049-11df-9e54-00037a9e6452}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{33d47289-8186-11e0-b93d-00037a9e6452}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{96ff0757-020a-11df-b471-001e3396a6d5}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{a202a486-286b-11e0-8a79-00037a9e6452}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c0f4de9e-a1c4-11de-bfe1-001e3396a6d5}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e75deb34-0437-11df-9c32-001e3396a6d5}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{f5378c01-4fc9-11de-973b-00037a9e6452}

################## | Listing |

[14/11/2011 - 19:51:39 | SHD ] C:\$RECYCLE.BIN
[18/09/2006 - 22:43:36 | N | 24] C:\autoexec.bat
[17/09/2009 - 12:58:05 | D ] C:\Boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[21/11/2008 - 08:12:28 | N | 8192] C:\BOOTSECT.BAK
[18/09/2006 - 22:43:37 | N | 10] C:\config.sys
[02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings
[14/11/2011 - 19:26:07 | ASH | 3487391744] C:\hiberfil.sys
[21/11/2008 - 10:17:08 | RHD ] C:\MSOCache
[14/11/2011 - 19:26:05 | ASH | 3800985600] C:\pagefile.sys
[14/11/2011 - 15:45:39 | N | 512] C:\PhysicalMBR.bin
[14/11/2011 - 15:20:47 | D ] C:\Program Files
[14/11/2011 - 15:20:47 | HD ] C:\ProgramData
[13/11/2011 - 00:19:26 | D ] C:\rsit
[27/11/2008 - 10:21:19 | N | 123] C:\SWSTAMP.TXT
[14/11/2011 - 15:00:56 | SHD ] C:\System Volume Information
[09/03/2009 - 13:30:01 | D ] C:\Toshiba
[14/11/2011 - 19:51:39 | D ] C:\UsbFix
[14/11/2011 - 19:49:17 | A | 3769] C:\UsbFix.txt
[09/03/2009 - 13:03:56 | D ] C:\Users
[14/11/2011 - 19:26:05 | D ] C:\Windows
[14/11/2011 - 19:51:39 | SHD ] E:\$RECYCLE.BIN
[12/04/2009 - 08:49:30 | N | 1991612757] E:\20090412_094259_Ado.nba
[12/04/2009 - 08:55:02 | N | 1991608393] E:\20090412_094259_Ado2.nba
[04/07/2011 - 11:34:38 | D ] E:\DVD filmy
[09/03/2009 - 21:38:15 | D ] E:\HDDRecovery
[06/02/2010 - 10:07:21 | D ] E:\Nový priečinok
[29/12/2008 - 12:29:11 | N | 11] E:\R10175SK.tag
[09/03/2009 - 12:41:50 | SHD ] E:\System Volume Information
[17/03/2010 - 15:31:28 | D ] G:\ESET Smart Security 4.0.467
[17/03/2010 - 16:36:30 | D ] G:\MiNODLogin
[25/03/2011 - 15:34:52 | N | 3033192] G:\ccsetup304.exe
[25/03/2011 - 15:35:46 | N | 16409960] G:\spybotsd162.exe
[25/03/2011 - 15:38:16 | N | 20586196] G:\vlc-1.1.8-win32.exe
[13/04/2011 - 18:05:16 | N | 15329] G:\curriculum vitae.docx
[22/07/2011 - 07:28:10 | N | 11028] G:\Rozpis.xlsx
[22/07/2011 - 14:23:56 | N | 165] G:\~$Rozpis.xlsx
[27/05/2011 - 12:06:20 | N | 13377240] G:\splash_lite_1_6_1_setup.exe
[15/06/2011 - 14:21:34 | D ] G:\iobit_toolbox
[10/09/2007 - 02:33:32 | N | 23327430] G:\cs_v1.10.exe
[29/03/2011 - 23:34:30 | N | 135681640] G:\OOo_3.3.0_Win_x86_install_cs.exe
[20/09/2011 - 10:06:56 | D ] G:\Nero 7 Premium Edition + Serial [1337x] [Ahmed] [Fast & Small]
[14/09/2011 - 12:21:26 | D ] G:\EsetSmartSecurity 5 CZ 64bit,32bit + MiNODLogin 3.9.8.1
[17/09/2010 - 14:54:28 | N | 162] J:\CDAInfo.txt
[17/09/2010 - 14:54:28 | N | 0] J:\MEMSTICK.IND
[17/09/2010 - 14:54:28 | N | 0] J:\MSTK_PRO.IND
[17/09/2010 - 14:55:30 | D ] J:\alarms
[20/05/2011 - 21:05:48 | D ] J:\image
[19/05/2011 - 19:08:50 | D ] J:\music
[17/09/2010 - 14:55:30 | D ] J:\notifications
[17/09/2010 - 14:55:30 | D ] J:\others
[17/09/2010 - 14:58:56 | D ] J:\PCCompanion
[17/09/2010 - 14:59:04 | D ] J:\ringtones
[17/09/2010 - 14:59:04 | D ] J:\video
[18/01/2011 - 17:18:58 | N | 220] J:\Traceability.txt
[18/01/2011 - 17:18:58 | N | 99] J:\MemStickInfo.txt
[06/01/1980 - 00:08:06 | D ] J:\LOST.DIR
[09/11/2011 - 11:18:50 | N | 7405] J:\default-capability.xml
[19/05/2011 - 06:41:50 | D ] J:\DCIM
[30/10/2011 - 05:34:44 | D ] J:\albumthumbs
[18/05/2011 - 23:04:42 | D ] J:\Android
[19/05/2011 - 00:21:34 | D ] J:\media
[11/10/2011 - 22:11:54 | D ] J:\download
[09/11/2011 - 11:18:50 | N | 142] J:\customized-capability.xml
[01/10/2011 - 07:30:08 | D ] J:\com.mictale.gpsessentials
[10/10/2011 - 14:33:46 | D ] J:\openfeint
[10/10/2011 - 14:33:46 | D ] J:\prism

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
G:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
J:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_ADO-PC.zip
http://eldesaparecido.com/support.php
Thank you for your contribution.

################## | E.O.F |

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu