Logfile of random's system information tool 1.09 (written by random/random)
Run by Josef Šulc at 2011-11-14 10:07:23
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 388 GB (85%) free of 456 GB
Total RAM: 4070 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:07:27, on 14.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DealRunner\DealRunner.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\IR\shutTask.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\SysWOW64\RunDll32.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Josef Šulc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Freecause Shopping BHO - {0095C290-A428-4BDD-B98C-E0A116F1C702} - C:\Program Files (x86)\Shop to Win 9\Shop to Win 9.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11 SE DVD\uvPL.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [shutTask] "C:\Program Files (x86)\IR\shutTask.exe"
O4 - HKLM\..\Run: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DealRunner] C:\Program Files (x86)\DealRunner\DealRunner.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk
O4 - HKCU\..\Run: [Google Update] "C:\Users\Josef Šulc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 19762 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\windows\system32\WLANExt.exe 28697840
\??\C:\windows\system32\conhost.exe "-73529289-1870377400-8405685507006949261916468934959604233-895826781760637419
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
C:\windows\SysWOW64\IoctlSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 3088
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\WinFast\WFDTV\WFWIZ.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\DealRunner\DealRunner.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe" 4202521583.www.pcspeedup.com
"C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files\WinFast\WFDTV\DTVSchdl.exe"
"C:\Program Files (x86)\IR\shutTask.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
ArcCon.ac 66066 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
C:\windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\windows\system32\rundll32.exe "C:\Users\JOSEFU~1\AppData\Local\Google\Chrome\APPLIC~1\150874~1.120\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll" --lang=cs --channel=5884.08FA9000.444922749 --flash-broker=1788 /prefetch:4
"C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=5884.079519A0.780204910 /prefetch:3
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Users\Josef Šulc\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001UA.job
C:\windows\tasks\HPCeeScheduleForJosef Šulc.job
C:\windows\tasks\Norton Security Scan for Josef Šulc.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
prefs.js - "extensions.enabledItems" - "otis@digitalpersona.com:5.0.0.4737, textlinks@epicplay.com:1.0.0, {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.3.0, {46d606b0-a645-11df-981c-0800200c9a66}:1.0.28, {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.18.1, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
prefs.js - "keyword.URL" - "http://slirsredirect.search.aol.com/red ... 011&query="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\npEpicPlayDisplayHost]
"Description"=EpicPlay Games Display Host Module
"Path"=C:\Program Files (x86)\EpicPlay\npEpicHost.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
npnul32.dll
nppdf32.dll
npwachk.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\
textlinks@epicplay.com
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{46d606b0-a645-11df-981c-0800200c9a66}
{5911488E-9D1E-40ec-8CBB-06B231CC153F}
C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\searchplugins\
aol-web-search.xml
bing-zugo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0095C290-A428-4BDD-B98C-E0A116F1C702}]
Shop to Win - C:\Program Files (x86)\Shop to Win 9\Shop to Win 9.dll [2010-12-29 14432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll [2011-09-28 1937736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}]
StartNow Toolbar Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll [2011-09-28 1937736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-04 2679592]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2011-04-26 5398528]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-26 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2008-06-20 2887680]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-26 15026056]
"DealRunner"=C:\Program Files (x86)\DealRunner\DealRunner.exe [2011-08-04 789088]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk [2011-10-31 2427]
"Google Update"=C:\Users\Josef Šulc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 136176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Desktop Disc Tool"=C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2011-01-12 514544]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-02-06 336384]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-15 94264]
""= []
"HPQuickWebProxy"=c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-02-11 76344]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2008-07-11 90112]
"UVS11 Preload"=C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11 SE DVD\uvPL.exe [2007-04-12 341488]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\qttask.exe [2006-09-01 282624]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"TaskTray"= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-05-06 658424]
"shutTask"=C:\Program Files (x86)\IR\shutTask.exe [2009-12-29 110592]
"StartNowToolbarHelper"=C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-07-11 74752]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
TMMonitor.lnk - C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\Josef Šulc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-14 10:07:23 ----D---- C:\rsit
2011-11-14 10:07:23 ----D---- C:\Program Files\trend micro
2011-11-12 19:04:27 ----D---- C:\Program Files (x86)\Final Fight
2011-11-12 19:03:58 ----D---- C:\Program Files (x86)\DOSBox-0.74
2011-11-12 18:48:44 ----D---- C:\BigFishGamesCache
2011-11-12 18:42:59 ----D---- C:\ProgramData\Trymedia
2011-11-12 18:42:22 ----D---- C:\Program Files (x86)\Team17
2011-11-10 00:09:18 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-11-10 00:09:17 ----A---- C:\windows\system32\win32k.sys
2011-11-03 09:52:25 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2011-11-01 12:17:45 ----A---- C:\windows\SYSWOW64\javaws.exe
2011-11-01 12:17:45 ----A---- C:\windows\SYSWOW64\javaw.exe
2011-11-01 12:17:45 ----A---- C:\windows\SYSWOW64\java.exe
2011-10-31 17:25:13 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2011-10-31 17:24:19 ----D---- C:\ProgramData\Winamp Toolbar
2011-10-31 17:24:19 ----D---- C:\Program Files (x86)\Winamp Toolbar
2011-10-31 17:23:30 ----D---- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy
2011-10-30 23:07:21 ----D---- C:\ProgramData\Symantec
2011-10-30 23:07:16 ----D---- C:\windows\system32\drivers\NSSx64
2011-10-30 23:07:16 ----D---- C:\ProgramData\Norton
2011-10-30 23:07:16 ----D---- C:\Program Files (x86)\Norton Security Scan
2011-10-30 23:07:15 ----D---- C:\Program Files (x86)\NortonInstaller
2011-10-30 21:06:51 ----D---- C:\windows\SYSWOW64\Adobe
2011-10-30 19:37:45 ----D---- C:\ProgramData\McAfee Security Scan
2011-10-30 19:37:45 ----D---- C:\ProgramData\McAfee
2011-10-30 19:37:44 ----D---- C:\Program Files (x86)\McAfee Security Scan
2011-10-23 00:19:08 ----A---- C:\windows\SYSWOW64\D3DX9_42.dll
2011-10-23 00:18:27 ----D---- C:\Program Files (x86)\Winamp Detect
2011-10-23 00:17:59 ----D---- C:\Users\Josef Šulc\AppData\Roaming\Winamp
2011-10-23 00:17:59 ----D---- C:\Program Files (x86)\Winamp
======List of files/folders modified in the last 1 month======
2011-11-14 10:07:23 ----RD---- C:\Program Files
2011-11-14 10:07:23 ----D---- C:\windows\Temp
2011-11-14 09:54:03 ----D---- C:\Users\Josef Šulc\AppData\Roaming\Skype
2011-11-14 09:46:03 ----D---- C:\windows\system32\config
2011-11-14 09:40:17 ----D---- C:\windows\System32
2011-11-14 09:40:16 ----D---- C:\windows\inf
2011-11-14 09:40:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-11-14 09:38:05 ----A---- C:\windows\SYSWOW64\log.txt
2011-11-14 09:36:58 ----D---- C:\ProgramData\Sonic
2011-11-14 09:35:59 ----D---- C:\ProgramData\PDFC
2011-11-14 09:35:58 ----D---- C:\ProgramData\HPQLOG
2011-11-12 19:04:27 ----RD---- C:\Program Files (x86)
2011-11-12 18:42:59 ----HD---- C:\ProgramData
2011-11-12 18:42:07 ----D---- C:\windows\SysWOW64
2011-11-12 10:55:56 ----D---- C:\windows\system32\catroot
2011-11-12 10:55:47 ----D---- C:\windows\system32\catroot2
2011-11-12 10:55:42 ----SHD---- C:\System Volume Information
2011-11-11 20:55:22 ----D---- C:\windows\Tasks
2011-11-11 20:55:22 ----D---- C:\windows\system32\Tasks
2011-11-11 09:35:00 ----D---- C:\windows\winsxs
2011-11-11 09:33:40 ----D---- C:\Program Files\Common Files\System
2011-11-11 09:33:40 ----AD---- C:\windows\system32\drivers
2011-11-11 09:26:58 ----D---- C:\windows\debug
2011-11-11 09:26:56 ----A---- C:\windows\system32\MRT.exe
2011-11-04 20:45:36 ----D---- C:\windows\Prefetch
2011-11-03 09:52:02 ----D---- C:\Program Files (x86)\EpicPlay
2011-11-01 12:23:38 ----D---- C:\ProgramData\CanonIJPLM
2011-11-01 12:17:58 ----SHD---- C:\windows\Installer
2011-11-01 12:17:58 ----D---- C:\Program Files (x86)\Common Files
2011-11-01 12:17:41 ----D---- C:\Program Files (x86)\Java
2011-11-01 12:10:13 ----D---- C:\Windows
2011-11-01 12:10:13 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-23 01:21:59 ----RSD---- C:\windows\assembly
2011-10-23 01:21:59 ----D---- C:\windows\Microsoft.NET
2011-10-23 00:18:33 ----D---- C:\windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-01-27 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-01-27 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-02-06 9090048]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-02-06 299520]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BCM42RLY;BCM42RLY; C:\windows\system32\drivers\BCM42RLY.sys [2011-04-26 22592]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-04-26 3065408]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-01-30 174168]
R3 johci;JMicron 1394 Filter Driver; C:\windows\system32\DRIVERS\johci.sys [2011-02-08 26712]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-12-21 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-01-27 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-02-04 1413680]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AF15BDA;AF9015 BDA Device; C:\windows\system32\DRIVERS\AF15BDA.sys [2011-06-12 507392]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;WinFast based TV tuner device; C:\windows\system32\DRIVERS\mod7700.sys [2009-11-17 907264]
S3 MODRC;WinFast TV Dongle With Infrared Receiver; C:\windows\system32\DRIVERS\modrc.sys [2007-07-13 24200]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 ULCDRHlp;ULCDRHlp; C:\windows\System32\Drivers\ULCDRHlp.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-04 28672]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-02-06 203776]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-30 951584]
R2 Capture Device Service;Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-01-27 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2011-01-20 980320]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-03 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2011-07-20 206336]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2011-01-20 203104]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-27 296448]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-03 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 hpCMSrv;HP Connection Manager 4.0 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-01-15 1116656]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-09 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivní kontrola
Zdravim a pekny den preji 
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c type c:\boot.ini >> test.txt /c %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
Euronymous
- Návštěvník
- Příspěvky: 97
- Registrován: 03 pro 2003 20:53
Re: Preventivní kontrola
OLT:
OTL logfile created on: 14.11.2011 11:27:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Josef Šulc\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,39% Memory free
7,95 Gb Paging File | 5,35 Gb Available in Paging File | 67,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,40 Gb Total Space | 376,47 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
Drive D: | 7,46 Gb Total Space | 3,23 Gb Free Space | 43,25% Space Free | Partition Type: FAT32
Drive E: | 15,07 Gb Total Space | 2,25 Gb Free Space | 14,93% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,13 Gb Free Space | 42,69% Space Free | Partition Type: FAT32
Drive H: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: NOTEBOOK | User Name: Josef Šulc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.11.14 11:25:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Josef Šulc\Downloads\OTL.exe
PRC - [2011.05.06 09:58:04 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.02.12 05:07:16 | 000,820,048 | R--- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2011.02.11 01:44:28 | 000,076,344 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011.02.09 19:51:36 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
PRC - [2011.02.09 19:28:12 | 001,318,912 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2011.02.07 20:41:42 | 012,274,688 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2011.02.07 20:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2011.01.29 00:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
PRC - [2011.01.26 18:00:32 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.01.20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
PRC - [2011.01.20 06:50:16 | 000,329,056 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
PRC - [2011.01.20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
PRC - [2011.01.20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
PRC - [2011.01.18 22:42:48 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011.01.18 22:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011.01.12 20:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2011.01.12 20:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2011.01.12 15:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011.01.03 23:16:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.03 23:16:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.17 06:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2010.11.29 20:10:32 | 000,210,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2010.11.20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.07.30 03:39:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.12.29 18:06:12 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\IR\shutTask.exe
PRC - [2009.11.03 12:38:12 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\TMMonitor.exe
PRC - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.07.11 10:46:10 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007.03.06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.08 04:02:56 | 000,420,920 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll
MOD - [2011.11.08 04:02:55 | 003,702,840 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011.11.08 04:01:20 | 000,122,952 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011.11.08 04:01:19 | 000,222,280 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011.11.08 04:01:17 | 001,746,504 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2011.11.08 00:44:56 | 008,593,056 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
MOD - [2011.10.23 01:16:46 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll
MOD - [2011.10.23 01:16:29 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.23 01:16:29 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.23 01:16:29 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b40ad47b1338dd50c41d2c5571819a09\IAStorCommon.ni.dll
MOD - [2011.10.23 01:16:27 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\356136d6f23fe3cde33dc96fbda2df0a\IAStorUtil.ni.dll
MOD - [2011.10.23 01:16:25 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.23 01:16:20 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.23 01:16:16 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.23 01:16:13 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.23 01:16:12 | 007,963,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.23 01:16:06 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.09.21 18:39:09 | 000,877,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2011.02.09 19:51:36 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
MOD - [2011.02.04 00:09:24 | 000,366,176 | ---- | M] () -- C:\Windows\SysWOW64\flcdlmsg.dll
MOD - [2011.01.12 20:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.11.25 07:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010.11.13 03:36:45 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.12.29 18:06:12 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\IR\shutTask.exe
MOD - [2009.12.29 18:05:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\IR\KeyBoard.dll
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2007.05.22 09:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExt.dll
MOD - [2007.04.19 08:39:08 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\FPXLIB.DLL
MOD - [2007.04.19 08:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\uPiApi.dll
MOD - [2007.04.19 08:29:42 | 000,273,216 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\magengin.dll
MOD - [2007.04.19 08:29:38 | 000,187,136 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\kgl.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.04.26 08:09:52 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2011.02.12 05:07:16 | 000,481,104 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2011.02.09 19:28:12 | 001,318,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2011.02.06 08:39:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2011.01.27 10:52:00 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.01.27 03:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011.01.27 01:01:00 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.01.22 03:36:02 | 003,154,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2011.01.12 15:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011.01.12 15:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.07.30 03:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.12.04 00:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.03 11:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011.06.21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011.05.06 09:58:04 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.02.15 23:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Stopped] -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011.02.07 20:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2011.02.04 00:09:18 | 000,464,480 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011.01.29 00:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.01.22 03:24:50 | 002,708,784 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011.01.20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe -- (IFXSpMgtSrv)
SRV - [2011.01.20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2011.01.20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe -- (IFXTCS)
SRV - [2011.01.18 22:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011.01.15 13:32:30 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2011.01.12 20:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2011.01.03 23:16:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011.01.03 23:16:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.11.29 20:10:32 | 000,210,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel(R)
SRV - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.03.06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.11.14 10:59:28 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.06.12 15:36:17 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
DRV:64bit: - [2011.04.26 08:09:52 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011.04.26 08:09:51 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.09 19:59:52 | 000,168,008 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2011.02.08 18:26:52 | 000,026,712 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2011.02.07 16:50:26 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2011.02.06 09:22:40 | 009,090,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.02.06 08:01:44 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.02.04 04:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.01.30 20:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.27 10:52:00 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.01.27 01:01:00 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.01.27 01:01:00 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.21 18:21:16 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010.12.21 14:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 14:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 12:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.12.21 10:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010.12.03 02:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.17 02:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.11.11 08:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.07.20 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.07.20 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.07.20 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.07.14 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.19 12:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.01.26 21:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2010.01.26 06:31:08 | 000,044,576 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\psd.sys -- (PersonalSecureDrive)
DRV:64bit: - [2009.12.15 13:05:42 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.15 13:05:42 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.12.15 13:05:42 | 000,029,696 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewdcsc.sys -- (Huawei)
DRV:64bit: - [2009.11.17 17:17:26 | 000,907,264 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod7700.sys -- (mod7700)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.07.13 11:22:56 | 000,024,200 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modrc.sys -- (MODRC)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.12.23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AOL Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.winamp.com/search/search? ... 011&query="
FF - prefs.js..browser.search.order.1: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/"
FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4737
FF - prefs.js..extensions.enabledItems: textlinks@epicplay.com:1.0.0
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.3.0
FF - prefs.js..extensions.enabledItems: {46d606b0-a645-11df-981c-0800200c9a66}:1.0.28
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.18.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/red ... 011&query="
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: C:\Program Files (x86)\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Josef Šulc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Josef Šulc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011.03.09 04:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.07 08:40:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.01 12:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.05.23 14:53:08 | 000,000,000 | ---D | M]
[2011.09.07 13:55:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Extensions
[2011.11.14 10:30:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions
[2011.10.31 17:24:22 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.10.03 15:51:50 | 000,000,000 | ---D | M] (ShopToWin9) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}
[2011.10.03 15:50:46 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\textlinks@epicplay.com
[2011.10.03 15:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\extensionManager
[2011.10.31 17:25:11 | 000,002,354 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\searchplugins\aol-web-search.xml
[2011.10.03 15:50:26 | 000,001,945 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\searchplugins\bing-zugo.xml
[2011.11.01 12:17:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.01 12:17:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.03.09 04:01:12 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP PROTECTTOOLS SECURITY MANAGER\BIN\FIREFOXEXT
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{46D606B0-A645-11DF-981C-0800200C9A66}
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\TEXTLINKS@EPICPLAY.COM
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.10.03 16:32:10 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.03 16:32:10 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011.10.03 16:32:10 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.03 16:32:10 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.03 16:32:10 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.cz/search?q={searchTe ... {startPage}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: EpicPlay NPAPI Display Host (Enabled) = C:\Program Files (x86)\EpicPlay\npEpicHost.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IFXSPMGT] c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [shutTask] C:\Program Files (x86)\IR\shutTask.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11 SE DVD\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-801800788-878754999-428713004-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4B85EB1-CD70-4A86-AEEB-07FAC4BB241E}: DhcpNameServer = 77.48.254.254 77.48.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC34628E-414B-460B-B045-D269ADE0CBC7}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.10 12:40:51 | 000,000,046 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{18602cd3-997e-11e0-9391-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{18602cd3-997e-11e0-9391-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{75289a8d-0ea7-11e1-8883-70f3959b9c9f}\Shell - "" = AutoRun
O33 - MountPoints2\{75289a8d-0ea7-11e1-8883-70f3959b9c9f}\Shell\AutoRun\command - "" = H:\Starter.exe -- [2008.08.28 12:10:48 | 000,049,152 | R--- | M] ()
O33 - MountPoints2\{a00aaf74-87b5-11e0-8646-c0f8da44090f}\Shell - "" = AutoRun
O33 - MountPoints2\{a00aaf74-87b5-11e0-8646-c0f8da44090f}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (InterVideo Digital Technology Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.11.14 11:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capcom
[2011.11.14 11:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Capcom
[2011.11.14 10:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.11.14 10:58:38 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Roaming\DAEMON Tools Lite
[2011.11.14 10:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.11.14 10:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.14 10:07:23 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.12 19:05:04 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Local\DOSBox
[2011.11.12 19:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fight
[2011.11.12 19:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Final Fight
[2011.11.12 19:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2011.11.12 19:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2011.11.12 18:48:44 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2011.11.12 18:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011.11.12 18:42:55 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Team17
[2011.11.12 18:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
[2011.11.12 18:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Team17
[2011.11.11 20:56:18 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.11.14 11:29:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.14 11:22:39 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Play MotoGP 08.lnk
[2011.11.14 11:08:19 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 11:08:19 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 11:05:20 | 001,577,410 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011.11.14 11:05:20 | 000,668,448 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2011.11.14 11:05:20 | 000,652,918 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011.11.14 11:05:20 | 000,141,064 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2011.11.14 11:05:20 | 000,121,850 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011.11.14 11:00:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.11.14 11:00:26 | 4268,089,344 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.14 11:00:00 | 000,000,982 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001UA.job
[2011.11.14 10:59:28 | 000,834,544 | ---- | M] () -- C:\windows\SysNative\drivers\sptd.sys
[2011.11.14 10:42:24 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
[2011.11.13 21:00:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001Core.job
[2011.11.12 19:04:38 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\Final Fight.lnk
[2011.11.12 19:03:58 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2011.11.12 18:42:58 | 000,002,001 | ---- | M] () -- C:\Users\Josef Šulc\Desktop\Worms 2.lnk
[2011.11.12 18:42:55 | 000,002,041 | ---- | M] () -- C:\Users\Josef Šulc\Desktop\Purchase Worms 2.lnk
[2011.11.11 20:56:20 | 000,002,333 | ---- | M] () -- C:\Users\Josef Šulc\Desktop\Google Chrome.lnk
[2011.11.11 09:34:40 | 000,483,672 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011.11.11 09:23:56 | 000,000,352 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForJosef Šulc.job
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.14 11:29:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.14 11:22:39 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Play MotoGP 08.lnk
[2011.11.14 10:59:28 | 000,834,544 | ---- | C] () -- C:\windows\SysNative\drivers\sptd.sys
[2011.11.14 10:42:24 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
[2011.11.12 19:04:38 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\Final Fight.lnk
[2011.11.12 19:03:58 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2011.11.12 18:42:58 | 000,002,001 | ---- | C] () -- C:\Users\Josef Šulc\Desktop\Worms 2.lnk
[2011.11.12 18:42:55 | 000,002,041 | ---- | C] () -- C:\Users\Josef Šulc\Desktop\Purchase Worms 2.lnk
[2011.11.11 20:56:20 | 000,002,333 | ---- | C] () -- C:\Users\Josef Šulc\Desktop\Google Chrome.lnk
[2011.11.11 20:55:22 | 000,000,982 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001UA.job
[2011.11.11 20:55:22 | 000,000,930 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001Core.job
[2011.09.15 17:15:21 | 018,046,023 | ---- | C] () -- C:\Users\Josef Šulc\AppData\Roaming\UserTile.png
[2011.05.26 23:22:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.25 15:12:28 | 000,002,686 | ---- | C] () -- C:\windows\TRNCOM.INI
[2011.05.25 15:09:45 | 000,000,054 | ---- | C] () -- C:\windows\WTRDCTM.INI
[2011.05.25 14:49:48 | 000,000,026 | ---- | C] () -- C:\windows\Irremote.ini
[2011.05.24 10:36:18 | 000,210,456 | ---- | C] () -- C:\windows\SysWow64\IVIresizeW7.dll
[2011.05.24 10:36:18 | 000,206,360 | ---- | C] () -- C:\windows\SysWow64\IVIresizeA6.dll
[2011.05.24 10:36:18 | 000,198,168 | ---- | C] () -- C:\windows\SysWow64\IVIresizeP6.dll
[2011.05.24 10:36:18 | 000,198,168 | ---- | C] () -- C:\windows\SysWow64\IVIresizeM6.dll
[2011.05.24 10:36:18 | 000,194,072 | ---- | C] () -- C:\windows\SysWow64\IVIresizePX.dll
[2011.05.24 10:36:18 | 000,026,136 | ---- | C] () -- C:\windows\SysWow64\IVIresize.dll
[2011.04.26 08:34:35 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdcecbh.sys
[2011.04.26 08:18:21 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.04.26 08:15:42 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2011.04.26 08:15:42 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2011.03.09 04:17:16 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdcdieb.sys
[2011.03.09 04:06:37 | 000,000,178 | ---- | C] () -- C:\windows\SysWow64\HPPA.ini
[2011.03.09 04:01:29 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdcdigf.sys
[2011.03.09 03:34:23 | 001,560,364 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.02.12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2011.02.12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2011.02.12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2011.02.12 05:04:36 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2011.02.04 04:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2011.02.04 00:09:24 | 000,366,176 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011.02.03 05:49:02 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2011.02.03 05:47:42 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2011.02.03 05:47:42 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2011.01.30 00:49:32 | 000,017,232 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe
[2011.01.22 20:40:54 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2011.01.11 04:03:08 | 086,271,980 | ---- | C] () -- C:\windows\SysWow64\BioTrustFace.dat
[2010.12.20 16:27:22 | 000,003,113 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2010.12.07 06:16:34 | 000,181,072 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll
[2010.12.07 06:16:34 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011.05.30 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Canon
[2011.11.14 11:08:19 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DAEMON Tools Lite
[2011.05.23 10:50:23 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DigitalPersona
[2011.05.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\GHISLER
[2011.05.25 14:56:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ICQ
[2011.05.23 10:50:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Infineon
[2011.05.27 08:08:12 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\LangSoft
[2011.10.31 17:23:30 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy
[2011.05.23 11:01:01 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Synaptics
[2011.05.26 17:39:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Telefónica Móviles
[2011.05.26 21:55:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Ulead Systems
[2011.05.25 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Zoner
[2011.10.08 19:40:51 | 000,032,550 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.10.01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009.10.01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
OTL logfile created on: 14.11.2011 11:27:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Josef Šulc\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,39% Memory free
7,95 Gb Paging File | 5,35 Gb Available in Paging File | 67,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,40 Gb Total Space | 376,47 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
Drive D: | 7,46 Gb Total Space | 3,23 Gb Free Space | 43,25% Space Free | Partition Type: FAT32
Drive E: | 15,07 Gb Total Space | 2,25 Gb Free Space | 14,93% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,13 Gb Free Space | 42,69% Space Free | Partition Type: FAT32
Drive H: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: NOTEBOOK | User Name: Josef Šulc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.11.14 11:25:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Josef Šulc\Downloads\OTL.exe
PRC - [2011.05.06 09:58:04 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.02.12 05:07:16 | 000,820,048 | R--- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2011.02.11 01:44:28 | 000,076,344 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011.02.09 19:51:36 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
PRC - [2011.02.09 19:28:12 | 001,318,912 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2011.02.07 20:41:42 | 012,274,688 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2011.02.07 20:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2011.01.29 00:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
PRC - [2011.01.26 18:00:32 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.01.20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
PRC - [2011.01.20 06:50:16 | 000,329,056 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
PRC - [2011.01.20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
PRC - [2011.01.20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
PRC - [2011.01.18 22:42:48 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011.01.18 22:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011.01.12 20:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2011.01.12 20:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2011.01.12 15:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011.01.03 23:16:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.03 23:16:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.17 06:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2010.11.29 20:10:32 | 000,210,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2010.11.20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.07.30 03:39:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.12.29 18:06:12 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\IR\shutTask.exe
PRC - [2009.11.03 12:38:12 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\TMMonitor.exe
PRC - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.07.11 10:46:10 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007.03.06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.08 04:02:56 | 000,420,920 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll
MOD - [2011.11.08 04:02:55 | 003,702,840 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011.11.08 04:01:20 | 000,122,952 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011.11.08 04:01:19 | 000,222,280 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011.11.08 04:01:17 | 001,746,504 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2011.11.08 00:44:56 | 008,593,056 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
MOD - [2011.10.23 01:16:46 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll
MOD - [2011.10.23 01:16:29 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.23 01:16:29 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.23 01:16:29 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b40ad47b1338dd50c41d2c5571819a09\IAStorCommon.ni.dll
MOD - [2011.10.23 01:16:27 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\356136d6f23fe3cde33dc96fbda2df0a\IAStorUtil.ni.dll
MOD - [2011.10.23 01:16:25 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.23 01:16:20 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.23 01:16:16 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.23 01:16:13 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.23 01:16:12 | 007,963,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.23 01:16:06 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.09.21 18:39:09 | 000,877,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2011.02.09 19:51:36 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
MOD - [2011.02.04 00:09:24 | 000,366,176 | ---- | M] () -- C:\Windows\SysWOW64\flcdlmsg.dll
MOD - [2011.01.12 20:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.11.25 07:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010.11.13 03:36:45 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.12.29 18:06:12 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\IR\shutTask.exe
MOD - [2009.12.29 18:05:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\IR\KeyBoard.dll
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2007.05.22 09:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExt.dll
MOD - [2007.04.19 08:39:08 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\FPXLIB.DLL
MOD - [2007.04.19 08:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\uPiApi.dll
MOD - [2007.04.19 08:29:42 | 000,273,216 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\magengin.dll
MOD - [2007.04.19 08:29:38 | 000,187,136 | ---- | M] () -- C:\Program Files (x86)\Arcsoft\TotalMedia 3.5\kgl.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.04.26 08:09:52 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2011.02.12 05:07:16 | 000,481,104 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2011.02.09 19:28:12 | 001,318,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2011.02.06 08:39:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2011.01.27 10:52:00 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.01.27 03:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011.01.27 01:01:00 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.01.22 03:36:02 | 003,154,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2011.01.12 15:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011.01.12 15:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.07.30 03:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.12.04 00:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.03 11:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011.06.21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011.05.06 09:58:04 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.02.15 23:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Stopped] -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011.02.07 20:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2011.02.04 00:09:18 | 000,464,480 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011.01.29 00:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.01.22 03:24:50 | 002,708,784 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011.01.20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe -- (IFXSpMgtSrv)
SRV - [2011.01.20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2011.01.20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe -- (IFXTCS)
SRV - [2011.01.18 22:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011.01.15 13:32:30 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2011.01.12 20:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2011.01.03 23:16:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011.01.03 23:16:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.11.29 20:10:32 | 000,210,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel(R)
SRV - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.03.06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.11.14 10:59:28 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.06.12 15:36:17 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
DRV:64bit: - [2011.04.26 08:09:52 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011.04.26 08:09:51 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.09 19:59:52 | 000,168,008 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2011.02.08 18:26:52 | 000,026,712 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2011.02.07 16:50:26 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2011.02.06 09:22:40 | 009,090,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.02.06 08:01:44 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.02.04 04:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.01.30 20:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.27 10:52:00 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.01.27 01:01:00 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.01.27 01:01:00 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.21 18:21:16 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010.12.21 14:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 14:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 12:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.12.21 10:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010.12.03 02:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.17 02:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.11.11 08:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.07.20 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.07.20 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.07.20 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.07.14 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.19 12:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.01.26 21:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2010.01.26 06:31:08 | 000,044,576 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\psd.sys -- (PersonalSecureDrive)
DRV:64bit: - [2009.12.15 13:05:42 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.15 13:05:42 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.12.15 13:05:42 | 000,029,696 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewdcsc.sys -- (Huawei)
DRV:64bit: - [2009.11.17 17:17:26 | 000,907,264 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod7700.sys -- (mod7700)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.07.13 11:22:56 | 000,024,200 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modrc.sys -- (MODRC)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.12.23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AOL Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.winamp.com/search/search? ... 011&query="
FF - prefs.js..browser.search.order.1: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/"
FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4737
FF - prefs.js..extensions.enabledItems: textlinks@epicplay.com:1.0.0
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.3.0
FF - prefs.js..extensions.enabledItems: {46d606b0-a645-11df-981c-0800200c9a66}:1.0.28
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.18.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/red ... 011&query="
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: C:\Program Files (x86)\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Josef Šulc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Josef Šulc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011.03.09 04:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.07 08:40:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.01 12:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.05.23 14:53:08 | 000,000,000 | ---D | M]
[2011.09.07 13:55:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Extensions
[2011.11.14 10:30:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions
[2011.10.31 17:24:22 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.10.03 15:51:50 | 000,000,000 | ---D | M] (ShopToWin9) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}
[2011.10.03 15:50:46 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\textlinks@epicplay.com
[2011.10.03 15:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\extensionManager
[2011.10.31 17:25:11 | 000,002,354 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\searchplugins\aol-web-search.xml
[2011.10.03 15:50:26 | 000,001,945 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\searchplugins\bing-zugo.xml
[2011.11.01 12:17:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.01 12:17:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.03.09 04:01:12 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP PROTECTTOOLS SECURITY MANAGER\BIN\FIREFOXEXT
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{46D606B0-A645-11DF-981C-0800200C9A66}
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\TEXTLINKS@EPICPLAY.COM
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.10.03 16:32:10 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.03 16:32:10 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011.10.03 16:32:10 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.03 16:32:10 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.03 16:32:10 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.cz/search?q={searchTe ... {startPage}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: EpicPlay NPAPI Display Host (Enabled) = C:\Program Files (x86)\EpicPlay\npEpicHost.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Josef \u0160ulc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IFXSPMGT] c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [shutTask] C:\Program Files (x86)\IR\shutTask.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11 SE DVD\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-801800788-878754999-428713004-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4B85EB1-CD70-4A86-AEEB-07FAC4BB241E}: DhcpNameServer = 77.48.254.254 77.48.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC34628E-414B-460B-B045-D269ADE0CBC7}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.10 12:40:51 | 000,000,046 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{18602cd3-997e-11e0-9391-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{18602cd3-997e-11e0-9391-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{75289a8d-0ea7-11e1-8883-70f3959b9c9f}\Shell - "" = AutoRun
O33 - MountPoints2\{75289a8d-0ea7-11e1-8883-70f3959b9c9f}\Shell\AutoRun\command - "" = H:\Starter.exe -- [2008.08.28 12:10:48 | 000,049,152 | R--- | M] ()
O33 - MountPoints2\{a00aaf74-87b5-11e0-8646-c0f8da44090f}\Shell - "" = AutoRun
O33 - MountPoints2\{a00aaf74-87b5-11e0-8646-c0f8da44090f}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (InterVideo Digital Technology Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.11.14 11:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capcom
[2011.11.14 11:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Capcom
[2011.11.14 10:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.11.14 10:58:38 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Roaming\DAEMON Tools Lite
[2011.11.14 10:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.11.14 10:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.14 10:07:23 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.12 19:05:04 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Local\DOSBox
[2011.11.12 19:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fight
[2011.11.12 19:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Final Fight
[2011.11.12 19:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2011.11.12 19:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2011.11.12 18:48:44 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2011.11.12 18:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011.11.12 18:42:55 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Team17
[2011.11.12 18:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
[2011.11.12 18:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Team17
[2011.11.11 20:56:18 | 000,000,000 | ---D | C] -- C:\Users\Josef Šulc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.11.14 11:29:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.14 11:22:39 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Play MotoGP 08.lnk
[2011.11.14 11:08:19 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 11:08:19 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 11:05:20 | 001,577,410 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011.11.14 11:05:20 | 000,668,448 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2011.11.14 11:05:20 | 000,652,918 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011.11.14 11:05:20 | 000,141,064 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2011.11.14 11:05:20 | 000,121,850 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011.11.14 11:00:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.11.14 11:00:26 | 4268,089,344 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.14 11:00:00 | 000,000,982 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001UA.job
[2011.11.14 10:59:28 | 000,834,544 | ---- | M] () -- C:\windows\SysNative\drivers\sptd.sys
[2011.11.14 10:42:24 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
[2011.11.13 21:00:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001Core.job
[2011.11.12 19:04:38 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\Final Fight.lnk
[2011.11.12 19:03:58 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2011.11.12 18:42:58 | 000,002,001 | ---- | M] () -- C:\Users\Josef Šulc\Desktop\Worms 2.lnk
[2011.11.12 18:42:55 | 000,002,041 | ---- | M] () -- C:\Users\Josef Šulc\Desktop\Purchase Worms 2.lnk
[2011.11.11 20:56:20 | 000,002,333 | ---- | M] () -- C:\Users\Josef Šulc\Desktop\Google Chrome.lnk
[2011.11.11 09:34:40 | 000,483,672 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011.11.11 09:23:56 | 000,000,352 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForJosef Šulc.job
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.14 11:29:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.14 11:22:39 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Play MotoGP 08.lnk
[2011.11.14 10:59:28 | 000,834,544 | ---- | C] () -- C:\windows\SysNative\drivers\sptd.sys
[2011.11.14 10:42:24 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
[2011.11.12 19:04:38 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\Final Fight.lnk
[2011.11.12 19:03:58 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2011.11.12 18:42:58 | 000,002,001 | ---- | C] () -- C:\Users\Josef Šulc\Desktop\Worms 2.lnk
[2011.11.12 18:42:55 | 000,002,041 | ---- | C] () -- C:\Users\Josef Šulc\Desktop\Purchase Worms 2.lnk
[2011.11.11 20:56:20 | 000,002,333 | ---- | C] () -- C:\Users\Josef Šulc\Desktop\Google Chrome.lnk
[2011.11.11 20:55:22 | 000,000,982 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001UA.job
[2011.11.11 20:55:22 | 000,000,930 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001Core.job
[2011.09.15 17:15:21 | 018,046,023 | ---- | C] () -- C:\Users\Josef Šulc\AppData\Roaming\UserTile.png
[2011.05.26 23:22:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.25 15:12:28 | 000,002,686 | ---- | C] () -- C:\windows\TRNCOM.INI
[2011.05.25 15:09:45 | 000,000,054 | ---- | C] () -- C:\windows\WTRDCTM.INI
[2011.05.25 14:49:48 | 000,000,026 | ---- | C] () -- C:\windows\Irremote.ini
[2011.05.24 10:36:18 | 000,210,456 | ---- | C] () -- C:\windows\SysWow64\IVIresizeW7.dll
[2011.05.24 10:36:18 | 000,206,360 | ---- | C] () -- C:\windows\SysWow64\IVIresizeA6.dll
[2011.05.24 10:36:18 | 000,198,168 | ---- | C] () -- C:\windows\SysWow64\IVIresizeP6.dll
[2011.05.24 10:36:18 | 000,198,168 | ---- | C] () -- C:\windows\SysWow64\IVIresizeM6.dll
[2011.05.24 10:36:18 | 000,194,072 | ---- | C] () -- C:\windows\SysWow64\IVIresizePX.dll
[2011.05.24 10:36:18 | 000,026,136 | ---- | C] () -- C:\windows\SysWow64\IVIresize.dll
[2011.04.26 08:34:35 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdcecbh.sys
[2011.04.26 08:18:21 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.04.26 08:15:42 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2011.04.26 08:15:42 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2011.03.09 04:17:16 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdcdieb.sys
[2011.03.09 04:06:37 | 000,000,178 | ---- | C] () -- C:\windows\SysWow64\HPPA.ini
[2011.03.09 04:01:29 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdcdigf.sys
[2011.03.09 03:34:23 | 001,560,364 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.02.12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2011.02.12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2011.02.12 05:07:16 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2011.02.12 05:04:36 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2011.02.04 04:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2011.02.04 00:09:24 | 000,366,176 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011.02.03 05:49:02 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2011.02.03 05:47:42 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2011.02.03 05:47:42 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2011.01.30 00:49:32 | 000,017,232 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe
[2011.01.22 20:40:54 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2011.01.11 04:03:08 | 086,271,980 | ---- | C] () -- C:\windows\SysWow64\BioTrustFace.dat
[2010.12.20 16:27:22 | 000,003,113 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2010.12.07 06:16:34 | 000,181,072 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll
[2010.12.07 06:16:34 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011.05.30 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Canon
[2011.11.14 11:08:19 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DAEMON Tools Lite
[2011.05.23 10:50:23 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DigitalPersona
[2011.05.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\GHISLER
[2011.05.25 14:56:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ICQ
[2011.05.23 10:50:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Infineon
[2011.05.27 08:08:12 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\LangSoft
[2011.10.31 17:23:30 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy
[2011.05.23 11:01:01 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Synaptics
[2011.05.26 17:39:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Telefónica Móviles
[2011.05.26 21:55:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Ulead Systems
[2011.05.25 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Zoner
[2011.10.08 19:40:51 | 000,032,550 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.10.01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009.10.01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
-
Euronymous
- Návštěvník
- Příspěvky: 97
- Registrován: 03 pro 2003 20:53
Re: Preventivní kontrola
pokračování OTL:
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\windows\SysNative\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.10.29 04:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.10.29 04:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.10.29 04:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.10.29 04:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.10.29 04:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.10.29 04:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.10.29 04:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.10.29 04:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.09.01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009.09.01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\swsetup\INTELRST\Drivers\x64\iaStor.sys
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\windows\SysNative\drivers\iaStor.sys
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_e3082ac13af8d3bf\iaStor.sys
[2011.01.13 02:44:08 | 000,355,352 | ---- | M] (Intel Corporation) MD5=F989555F1662581032CCE1578A8FF28E -- C:\swsetup\INTELRST\Drivers\x32\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2010.05.12 09:37:57 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2010.05.12 09:50:37 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\windows\SysNative\drivers\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.05.12 09:50:49 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=491E3CF1A4F0869E32197E34603B9BE1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
[2010.05.12 09:38:10 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=DEAB10231CBDB0881FC25428EBE11506 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2010.05.12 09:38:10 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010.05.12 09:50:49 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.10.29 04:09:15 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.10.29 04:09:15 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.10.29 04:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.10.29 04:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\526574320ee7f5bde023c570cb3512a8\*.tmp files -> C:\windows\SoftwareDistribution\Download\526574320ee7f5bde023c570cb3512a8\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\bb7469ffcf1adc7858de4b4698d93135\*.tmp files -> C:\windows\SoftwareDistribution\Download\bb7469ffcf1adc7858de4b4698d93135\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.05.23 13:11:44 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Adobe
[2011.10.08 13:23:04 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Apple Computer
[2011.06.12 15:47:56 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ArcSoft
[2011.05.23 11:02:01 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ATI
[2011.05.30 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Canon
[2011.11.14 11:08:19 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DAEMON Tools Lite
[2011.05.23 10:50:23 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DigitalPersona
[2011.05.27 08:08:59 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\dvdcss
[2011.05.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\GHISLER
[2011.08.04 08:59:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Hewlett-Packard
[2011.06.18 09:45:08 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\hpqLog
[2011.05.25 14:56:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ICQ
[2011.05.23 11:00:38 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Identities
[2011.05.23 10:50:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Infineon
[2011.05.24 10:24:06 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\InstallShield
[2011.05.23 11:01:02 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Intel Corporation
[2011.05.27 08:08:12 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\LangSoft
[2011.05.23 15:18:21 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Macromedia
[2011.06.07 18:26:27 | 000,000,000 | --SD | M] -- C:\Users\Josef Šulc\AppData\Roaming\Microsoft
[2011.09.07 13:55:08 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla
[2011.06.09 19:25:04 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Nero
[2011.10.31 17:23:30 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy
[2011.05.24 10:24:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Roxio
[2011.05.27 07:17:24 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Roxio Burn
[2011.11.14 09:54:03 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Skype
[2011.06.14 18:52:17 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\skypePM
[2011.05.23 11:01:01 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Synaptics
[2011.05.26 17:39:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Telefónica Móviles
[2011.05.26 21:55:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Ulead Systems
[2011.10.08 19:01:53 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\vlc
[2011.11.14 10:26:30 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Winamp
[2011.09.07 10:08:47 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\WinRAR
[2011.05.25 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.10.31 17:23:31 | 000,416,160 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy\OpenCandy_F8D7A34FBF21415898149F262A24ED7D\LatestDLMgr.exe
[2011.08.01 23:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy\OpenCandy_F8D7A34FBF21415898149F262A24ED7D\pcspeedup.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.11.14 11:03:18 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.14 11:29:40 | 000,000,512 | ---- | M] () MD5=4523164B24048FD6955F3FC978FBC9D8 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006.10.26 12:45:02 | 000,061,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2006.10.26 12:45:02 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2008.06.24 12:45:14 | 000,111,912 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2011.01.15 09:21:00 | 000,053,511 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2011.01.15 09:21:00 | 000,053,511 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2011.01.12 13:48:56 | 000,007,990 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:48:58 | 000,008,029 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:48:58 | 000,008,063 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:00 | 000,008,026 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:02 | 000,008,158 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:02 | 000,008,038 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:04 | 000,008,052 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:06 | 000,008,654 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:06 | 000,008,187 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:08 | 000,008,164 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:10 | 000,008,076 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:10 | 000,008,283 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:12 | 000,008,694 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:12 | 000,008,032 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:14 | 000,007,967 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:16 | 000,008,350 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:16 | 000,008,413 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2011.01.15 13:27:38 | 000,231,920 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFileLoader.dll
[2011.01.15 13:27:56 | 000,084,464 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderBMP.dll
[2011.01.15 13:28:12 | 000,072,176 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderECDC.dll
[2011.01.15 13:28:22 | 000,092,656 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderGIF.dll
[2011.01.15 13:28:30 | 000,207,344 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2011.01.15 13:35:06 | 000,072,176 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderMDC.dll
[2011.01.15 13:28:38 | 000,133,616 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderPNG.dll
[2011.01.15 13:28:48 | 000,104,944 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2011.01.15 13:31:52 | 000,150,000 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\LeResourceLoader.dll
[2011.01.25 12:16:44 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011.01.25 12:11:12 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2011.05.25 14:56:19 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.25 14:56:19 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2011.05.25 14:56:20 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.25 14:56:19 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.01.12 16:23:32 | 000,141,808 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoCore 12\VOBLoader.ax
[2011.01.19 03:57:58 | 000,170,480 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\DSThemeLoader.dll
[2011.01.19 03:58:56 | 000,113,136 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\DVDFormatLoaderPlugIn.dll
[2011.01.19 03:22:12 | 000,040,000 | R--- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2011.03.02 11:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.09.15 23:26:20 | 000,008,827 | ---- | M] () -- \Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\caching\deprecated\FileLoader.js
[2011.09.15 23:26:20 | 000,000,240 | ---- | M] () -- \Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\caching\downloaders\DownloaderInterface.js
[2011.09.15 23:26:20 | 000,003,068 | ---- | M] () -- \Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\caching\downloaders\UrlBasedDownloader.js
[2011.05.25 14:38:45 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.11.12 19:04:12 | 000,071,572 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.10.05 11:12:42 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2011.10.05 11:12:42 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.03.09 04:17:08 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.03.09 04:17:08 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.03.09 04:17:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.03.09 04:17:08 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.03.09 04:17:08 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.05.23 14:26:18 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.23 14:26:18 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.05.23 14:26:19 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.05.23 14:26:19 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.05.23 14:26:19 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.03.09 04:14:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\windows\SysNative\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.10.29 04:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.10.29 04:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.10.29 04:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.10.29 04:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.10.29 04:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.10.29 04:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.10.29 04:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.10.29 04:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.09.01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009.09.01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\swsetup\INTELRST\Drivers\x64\iaStor.sys
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\windows\SysNative\drivers\iaStor.sys
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys
[2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_e3082ac13af8d3bf\iaStor.sys
[2011.01.13 02:44:08 | 000,355,352 | ---- | M] (Intel Corporation) MD5=F989555F1662581032CCE1578A8FF28E -- C:\swsetup\INTELRST\Drivers\x32\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2010.05.12 09:37:57 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2010.05.12 09:50:37 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\windows\SysNative\drivers\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.05.12 09:50:49 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=491E3CF1A4F0869E32197E34603B9BE1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
[2010.05.12 09:38:10 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=DEAB10231CBDB0881FC25428EBE11506 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2010.05.12 09:38:10 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010.05.12 09:50:49 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.10.29 04:09:15 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.10.29 04:09:15 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.10.29 04:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.10.29 04:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\526574320ee7f5bde023c570cb3512a8\*.tmp files -> C:\windows\SoftwareDistribution\Download\526574320ee7f5bde023c570cb3512a8\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\bb7469ffcf1adc7858de4b4698d93135\*.tmp files -> C:\windows\SoftwareDistribution\Download\bb7469ffcf1adc7858de4b4698d93135\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.05.23 13:11:44 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Adobe
[2011.10.08 13:23:04 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Apple Computer
[2011.06.12 15:47:56 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ArcSoft
[2011.05.23 11:02:01 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ATI
[2011.05.30 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Canon
[2011.11.14 11:08:19 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DAEMON Tools Lite
[2011.05.23 10:50:23 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\DigitalPersona
[2011.05.27 08:08:59 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\dvdcss
[2011.05.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\GHISLER
[2011.08.04 08:59:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Hewlett-Packard
[2011.06.18 09:45:08 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\hpqLog
[2011.05.25 14:56:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\ICQ
[2011.05.23 11:00:38 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Identities
[2011.05.23 10:50:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Infineon
[2011.05.24 10:24:06 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\InstallShield
[2011.05.23 11:01:02 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Intel Corporation
[2011.05.27 08:08:12 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\LangSoft
[2011.05.23 15:18:21 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Macromedia
[2011.06.07 18:26:27 | 000,000,000 | --SD | M] -- C:\Users\Josef Šulc\AppData\Roaming\Microsoft
[2011.09.07 13:55:08 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla
[2011.06.09 19:25:04 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Nero
[2011.10.31 17:23:30 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy
[2011.05.24 10:24:46 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Roxio
[2011.05.27 07:17:24 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Roxio Burn
[2011.11.14 09:54:03 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Skype
[2011.06.14 18:52:17 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\skypePM
[2011.05.23 11:01:01 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Synaptics
[2011.05.26 17:39:22 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Telefónica Móviles
[2011.05.26 21:55:32 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Ulead Systems
[2011.10.08 19:01:53 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\vlc
[2011.11.14 10:26:30 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Winamp
[2011.09.07 10:08:47 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\WinRAR
[2011.05.25 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Josef Šulc\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.10.31 17:23:31 | 000,416,160 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy\OpenCandy_F8D7A34FBF21415898149F262A24ED7D\LatestDLMgr.exe
[2011.08.01 23:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Users\Josef Šulc\AppData\Roaming\OpenCandy\OpenCandy_F8D7A34FBF21415898149F262A24ED7D\pcspeedup.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.11.14 11:03:18 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.14 11:29:40 | 000,000,512 | ---- | M] () MD5=4523164B24048FD6955F3FC978FBC9D8 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006.10.26 12:45:02 | 000,061,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2006.10.26 12:45:02 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2008.06.24 12:45:14 | 000,111,912 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2011.01.15 09:21:00 | 000,053,511 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2011.01.15 09:21:00 | 000,053,511 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2011.01.12 13:48:56 | 000,007,990 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:48:58 | 000,008,029 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:48:58 | 000,008,063 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:00 | 000,008,026 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:02 | 000,008,158 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:02 | 000,008,038 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:04 | 000,008,052 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:06 | 000,008,654 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:06 | 000,008,187 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:08 | 000,008,164 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:10 | 000,008,076 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:10 | 000,008,283 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:12 | 000,008,694 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:12 | 000,008,032 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:14 | 000,007,967 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:16 | 000,008,350 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2011.01.12 13:49:16 | 000,008,413 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2011.01.15 13:27:38 | 000,231,920 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFileLoader.dll
[2011.01.15 13:27:56 | 000,084,464 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderBMP.dll
[2011.01.15 13:28:12 | 000,072,176 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderECDC.dll
[2011.01.15 13:28:22 | 000,092,656 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderGIF.dll
[2011.01.15 13:28:30 | 000,207,344 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2011.01.15 13:35:06 | 000,072,176 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderMDC.dll
[2011.01.15 13:28:38 | 000,133,616 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderPNG.dll
[2011.01.15 13:28:48 | 000,104,944 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2011.01.15 13:31:52 | 000,150,000 | ---- | M] () -- \Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\LeResourceLoader.dll
[2011.01.25 12:16:44 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011.01.25 12:11:12 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2011.05.25 14:56:19 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.25 14:56:19 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2011.05.25 14:56:20 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.25 14:56:19 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.01.12 16:23:32 | 000,141,808 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoCore 12\VOBLoader.ax
[2011.01.19 03:57:58 | 000,170,480 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\DSThemeLoader.dll
[2011.01.19 03:58:56 | 000,113,136 | ---- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\DVDFormatLoaderPlugIn.dll
[2011.01.19 03:22:12 | 000,040,000 | R--- | M] () -- \Program Files (x86)\Roxio\OEM\VideoUI 12\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2011.03.02 11:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.09.15 23:26:20 | 000,008,827 | ---- | M] () -- \Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\caching\deprecated\FileLoader.js
[2011.09.15 23:26:20 | 000,000,240 | ---- | M] () -- \Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\caching\downloaders\DownloaderInterface.js
[2011.09.15 23:26:20 | 000,003,068 | ---- | M] () -- \Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\caching\downloaders\UrlBasedDownloader.js
[2011.05.25 14:38:45 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.11.12 19:04:12 | 000,071,572 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.10.05 11:12:42 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2011.10.05 11:12:42 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.03.09 04:17:08 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.03.09 04:17:08 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.03.09 04:17:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.03.09 04:17:08 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.03.09 04:17:08 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.05.23 14:26:18 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.23 14:26:18 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.05.23 14:26:19 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.05.23 14:26:19 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.05.23 14:26:19 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.03.09 04:14:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
-
Euronymous
- Návštěvník
- Příspěvky: 97
- Registrován: 03 pro 2003 20:53
Re: Preventivní kontrola
Extras:
OTL Extras logfile created on: 14.11.2011 11:27:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Josef Šulc\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,39% Memory free
7,95 Gb Paging File | 5,35 Gb Available in Paging File | 67,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,40 Gb Total Space | 376,47 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
Drive D: | 7,46 Gb Total Space | 3,23 Gb Free Space | 43,25% Space Free | Partition Type: FAT32
Drive E: | 15,07 Gb Total Space | 2,25 Gb Free Space | 14,93% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,13 Gb Free Space | 42,69% Space Free | Partition Type: FAT32
Drive H: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: NOTEBOOK | User Name: Josef Šulc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{103729AF-35B8-7567-2739-905128A38CFE}" = ccc-utility64
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}" = HP Power Assistant
"{422BA615-2133-4DC0-8673-09C8CC7557F2}" = HP ProtectTools Security Manager
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7D1C63D1-6520-49DA-B738-958133526E80}" = HP HotKey Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83DA38AB-1014-41C2-A3CD-E2B93832A71A}" = HP 3D DriveGuard
"{87821717-5688-4AE6-887A-6B11571D0CD7}" = Embedded Security for HP ProtectTools
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{D5526B83-25C4-88A8-A984-98F871DA1415}" = ATI Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}" = Validity Fingerprint Sensor Driver
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"CCleaner" = CCleaner
"HPProtectTools" = HP ProtectTools Security Manager
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08E8F1F2-6E5B-C5A4-A5FD-B76CCF833F21}" = CCC Help Finnish
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E8DE6AB-5193-A885-A550-7B26858FFF74}" = Catalyst Control Center Localization All
"{11C8CD1B-B0F8-D6F5-3E5D-6103FA7A2740}" = CCC Help English
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{1267DA48-A6EA-3202-6C02-0AD5D3AAF360}" = Catalyst Control Center InstallProxy
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{14FDECFD-FBA1-5D0A-16FE-51621197077E}" = CCC Help Norwegian
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1E8D5440-0CC6-6E2D-7A1A-1B02699C76DE}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2041A685-F8DC-A7C7-2AF4-CE646D1E2161}" = CCC Help Thai
"{20976B1F-E910-404D-9261-C16EE7E12DC8}" = HP QuickWeb
"{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}" = TotalMedia Setup
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = WinFast Codec-TS SDK
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{2C43790E-8470-1027-82D3-DF319F3C410F}" = Intel(R) Identity Protection Technology 1.0.71.0
"{2F36E5A1-A627-3736-D4BC-7962DD22EE0B}" = CCC Help Polish
"{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}" = HP SoftPaq Download Manager
"{39705143-74BD-1E99-5952-22764AD6DED9}" = ccc-core-static
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3C213840-A3A6-FD8C-91E5-AC7566FCB71B}" = CCC Help Czech
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{44C72B93-46FA-6D17-4020-E796E8D9C808}" = CCC Help German
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{52B18ABC-AD5F-4C3C-B391-04F57B380449}" = HP Client Automation Agent Preload
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}" = HP System Default Settings
"{5681FF4A-5469-D41F-F990-D1AC1037AB02}" = CCC Help Korean
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A6CB42D-AFB6-989E-E7EB-B3FF928C707F}" = Catalyst Control Center Profiles Mobile
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}" = HP Documentation
"{63240320-9946-4A11-5135-DB66D8113842}" = CCC Help Japanese
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{68DDF0E0-42D9-B5C3-AD7A-3E1DCCE8D2E3}" = CCC Help Turkish
"{6D45EF03-E8EE-4355-81C3-F918CBCF1029}" = Nero 8
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{795AADBF-58C2-42D0-B779-E730702A247E}" = HP Connection Manager
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{93139A49-0360-4718-8B93-C1F9EB12E3D8}" = Roxio Secure Burn
"{97174E88-52F9-445A-A28E-704A45332D19}" = HP Software Framework
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = WinFast De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}" = Roxio MyDVD Business 2010
"{9F7E4DF2-1795-99AD-CDD7-29F440B61088}" = CCC Help Hungarian
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A79846AB-AE6A-C993-71DF-99FF8E559613}" = CCC Help Chinese Traditional
"{ABC887FA-1BAC-411B-9F0F-21BA16702F15}" = VideoStudio
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = WinFast TT-SB SDK
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFF6CCCD-2C82-CF3F-58AD-1766D370622F}" = CCC Help French
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Secure Burn
"{BACE8BFA-8F39-421D-BEF1-6E78632BDC90}" = Roxio MyDVD Business 2010
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C0116FFA-6568-B16B-09EF-01E97CEF89E9}" = CCC Help Chinese Standard
"{C501064B-0925-A417-D08B-A96C07D11E01}" = CCC Help Italian
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDF2096F-1FBD-C097-15BC-8BC64AF0B6F7}" = CCC Help Spanish
"{CE7AE690-57AF-286B-B022-A808D30F08F2}" = CCC Help Greek
"{CFC1988A-F492-4BC5-B6F7-683A95718AE9}" = HP ESU for Microsoft Windows 7
"{D9965E8E-496F-F5E4-D8FF-78FB7EBE6ABA}" = CCC Help Swedish
"{DA8B96DE-3FE5-2079-D33B-7152C13AFC73}" = CCC Help Portuguese
"{E1625943-425A-6675-6A52-6AE98AC3080F}" = CCC Help Dutch
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E755FF48-9936-FE6B-3910-490DFB39F56D}" = Catalyst Control Center Graphics Previews Common
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F24F876B-7D71-4BD6-88E9-614D3BB84216}" = Alcor Micro Smart Card Reader Driver
"{F6BC20A5-3C48-4675-BDE6-E2E6FED30B9D}" = IRRecevie
"{F70487C4-B639-5576-6DE1-2D2D790AC51A}" = CCC Help Russian
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Final Fight (MAME 0.141 emulation for 64-bit Windows)" = Final Fight (MAME 0.141 emulation for 64-bit Windows)
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{ABC887FA-1BAC-411B-9F0F-21BA16702F15}" = Ulead VideoStudio 11 SE DVD
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NSS" = Norton Security Scan
"O2CZ" = O2
"PDF Complete" = PDF Complete Special Edition
"Registrace uživatele zařízení Canon MP640 series" = Registrace uživatele zařízení Canon MP640 series
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SZCCID" = Alcor Micro Smart Card Reader Driver
"Totalcmd" = Total Commander (Remove or Repair)
"VIP Access SDK" = VIP Access SDK x64(1.0.0.50)
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"Worms 2" = Worms 2
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.9.2011 10:06:34 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 18.9.2011 10:06:34 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 21.9.2011 13:38:17 | Computer Name = notebook | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu HP Software Framework Service nelze ukončit.
Error - 21.9.2011 13:38:47 | Computer Name = notebook | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu QLBController nelze ukončit.
Error - 23.9.2011 10:35:10 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: HPDayStarterService.exe, verze: 2.0.0.12,
časové razítko: 0x4d42d67a Název chybujícího modulu: mfc90u.dll, verze: 9.0.30729.4148,
časové razítko: 0x4a596d4a Kód výjimky: 0x40000015 Posun chyby: 0x0005d38f ID chybujícího
procesu: 0x91c Čas spuštění chybující aplikace: 0x01cc79fc5abc1329 Cesta k chybující
aplikaci: c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
Cesta
k chybujícímu modulu: C:\windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
ID
zprávy: 3cf94d7b-e5f1-11e0-bb30-70f3959b9c9f
Error - 29.9.2011 18:11:06 | Computer Name = notebook | Source = System Restore | ID = 8193
Description =
Error - 3.10.2011 13:06:12 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3.10.2011 13:06:14 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 3.10.2011 13:06:14 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 10.10.2011 10:48:20 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: QuickTime.qts, verze: 7.1.3.100, časové
razítko: 0x44f8bf2f Kód výjimky: 0xc0000005 Posun chyby: 0x00069b97 ID chybujícího
procesu: 0x1460 Čas spuštění chybující aplikace: 0x01cc875b8aacbec4 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts ID zprávy: e5193c82-f34e-11e0-a9f6-70f3959b9c9f
[ HP Connection Manager Events ]
Error - 7.9.2011 16:52:13 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/07 22:52:13.247|00001A04|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 7.9.2011 18:59:24 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 00:59:24.858|000017F8|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 7.9.2011 18:59:29 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 00:59:29.405|0000160C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:00:19 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:00:19.115|000015D8|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:00:19 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:00:19.364|00001BF0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:00:24 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:00:24.790|00001BF0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:42:37 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:42:37.295|0000176C|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 8.9.2011 14:12:28 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 20:12:28.589|000015B4|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 9.9.2011 7:49:57 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/09 13:49:57.517|000016C4|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 9.9.2011 9:37:40 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/09 15:37:40.104|00000CE8|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
[ Media Center Events ]
Error - 25.7.2011 10:27:10 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 16:27:10 - Chyba při připojování k Internetu 16:27:10 - Nelze kontaktovat
server..
Error - 25.7.2011 10:27:34 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 16:27:18 - Chyba při připojování k Internetu 16:27:18 - Nelze kontaktovat
server..
Error - 25.7.2011 11:27:41 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 17:27:41 - Chyba při připojování k Internetu 17:27:41 - Nelze kontaktovat
server..
Error - 25.7.2011 11:27:47 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 17:27:46 - Chyba při připojování k Internetu 17:27:46 - Nelze kontaktovat
server..
Error - 25.7.2011 12:27:55 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 18:27:55 - Chyba při připojování k Internetu 18:27:55 - Nelze kontaktovat
server..
Error - 25.7.2011 12:28:03 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 18:28:00 - Chyba při připojování k Internetu 18:28:00 - Nelze kontaktovat
server..
Error - 30.7.2011 10:55:37 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 16:55:06 - Chyba při připojování k Internetu 16:55:06 - Nelze kontaktovat
server..
Error - 3.10.2011 12:12:47 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 18:12:46 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)
Error - 14.11.2011 4:38:59 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 9:38:59 - Chyba při připojování k Internetu 9:38:59 - Nelze kontaktovat
server..
Error - 14.11.2011 4:39:07 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 9:39:04 - Chyba při připojování k Internetu 9:39:04 - Nelze kontaktovat
server..
[ System Events ]
Error - 11.10.2011 17:08:45 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 11.10.2011 17:25:45 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 12.10.2011 4:19:28 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 17.10.2011 17:47:46 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 18.10.2011 4:46:59 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 19.10.2011 4:18:27 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 19.10.2011 9:28:21 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 22.10.2011 10:58:05 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 22.10.2011 16:25:58 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 22.10.2011 17:12:47 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
< End of report >
OTL Extras logfile created on: 14.11.2011 11:27:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Josef Šulc\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,39% Memory free
7,95 Gb Paging File | 5,35 Gb Available in Paging File | 67,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,40 Gb Total Space | 376,47 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
Drive D: | 7,46 Gb Total Space | 3,23 Gb Free Space | 43,25% Space Free | Partition Type: FAT32
Drive E: | 15,07 Gb Total Space | 2,25 Gb Free Space | 14,93% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,13 Gb Free Space | 42,69% Space Free | Partition Type: FAT32
Drive H: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: NOTEBOOK | User Name: Josef Šulc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\SysWow64\CScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{103729AF-35B8-7567-2739-905128A38CFE}" = ccc-utility64
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}" = HP Power Assistant
"{422BA615-2133-4DC0-8673-09C8CC7557F2}" = HP ProtectTools Security Manager
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7D1C63D1-6520-49DA-B738-958133526E80}" = HP HotKey Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83DA38AB-1014-41C2-A3CD-E2B93832A71A}" = HP 3D DriveGuard
"{87821717-5688-4AE6-887A-6B11571D0CD7}" = Embedded Security for HP ProtectTools
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{D5526B83-25C4-88A8-A984-98F871DA1415}" = ATI Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}" = Validity Fingerprint Sensor Driver
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"CCleaner" = CCleaner
"HPProtectTools" = HP ProtectTools Security Manager
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08E8F1F2-6E5B-C5A4-A5FD-B76CCF833F21}" = CCC Help Finnish
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E8DE6AB-5193-A885-A550-7B26858FFF74}" = Catalyst Control Center Localization All
"{11C8CD1B-B0F8-D6F5-3E5D-6103FA7A2740}" = CCC Help English
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{1267DA48-A6EA-3202-6C02-0AD5D3AAF360}" = Catalyst Control Center InstallProxy
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{14FDECFD-FBA1-5D0A-16FE-51621197077E}" = CCC Help Norwegian
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1E8D5440-0CC6-6E2D-7A1A-1B02699C76DE}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2041A685-F8DC-A7C7-2AF4-CE646D1E2161}" = CCC Help Thai
"{20976B1F-E910-404D-9261-C16EE7E12DC8}" = HP QuickWeb
"{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}" = TotalMedia Setup
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = WinFast Codec-TS SDK
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{2C43790E-8470-1027-82D3-DF319F3C410F}" = Intel(R) Identity Protection Technology 1.0.71.0
"{2F36E5A1-A627-3736-D4BC-7962DD22EE0B}" = CCC Help Polish
"{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}" = HP SoftPaq Download Manager
"{39705143-74BD-1E99-5952-22764AD6DED9}" = ccc-core-static
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3C213840-A3A6-FD8C-91E5-AC7566FCB71B}" = CCC Help Czech
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{44C72B93-46FA-6D17-4020-E796E8D9C808}" = CCC Help German
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{52B18ABC-AD5F-4C3C-B391-04F57B380449}" = HP Client Automation Agent Preload
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}" = HP System Default Settings
"{5681FF4A-5469-D41F-F990-D1AC1037AB02}" = CCC Help Korean
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A6CB42D-AFB6-989E-E7EB-B3FF928C707F}" = Catalyst Control Center Profiles Mobile
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}" = HP Documentation
"{63240320-9946-4A11-5135-DB66D8113842}" = CCC Help Japanese
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{68DDF0E0-42D9-B5C3-AD7A-3E1DCCE8D2E3}" = CCC Help Turkish
"{6D45EF03-E8EE-4355-81C3-F918CBCF1029}" = Nero 8
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{795AADBF-58C2-42D0-B779-E730702A247E}" = HP Connection Manager
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{93139A49-0360-4718-8B93-C1F9EB12E3D8}" = Roxio Secure Burn
"{97174E88-52F9-445A-A28E-704A45332D19}" = HP Software Framework
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = WinFast De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}" = Roxio MyDVD Business 2010
"{9F7E4DF2-1795-99AD-CDD7-29F440B61088}" = CCC Help Hungarian
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A79846AB-AE6A-C993-71DF-99FF8E559613}" = CCC Help Chinese Traditional
"{ABC887FA-1BAC-411B-9F0F-21BA16702F15}" = VideoStudio
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = WinFast TT-SB SDK
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFF6CCCD-2C82-CF3F-58AD-1766D370622F}" = CCC Help French
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Secure Burn
"{BACE8BFA-8F39-421D-BEF1-6E78632BDC90}" = Roxio MyDVD Business 2010
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C0116FFA-6568-B16B-09EF-01E97CEF89E9}" = CCC Help Chinese Standard
"{C501064B-0925-A417-D08B-A96C07D11E01}" = CCC Help Italian
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDF2096F-1FBD-C097-15BC-8BC64AF0B6F7}" = CCC Help Spanish
"{CE7AE690-57AF-286B-B022-A808D30F08F2}" = CCC Help Greek
"{CFC1988A-F492-4BC5-B6F7-683A95718AE9}" = HP ESU for Microsoft Windows 7
"{D9965E8E-496F-F5E4-D8FF-78FB7EBE6ABA}" = CCC Help Swedish
"{DA8B96DE-3FE5-2079-D33B-7152C13AFC73}" = CCC Help Portuguese
"{E1625943-425A-6675-6A52-6AE98AC3080F}" = CCC Help Dutch
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E755FF48-9936-FE6B-3910-490DFB39F56D}" = Catalyst Control Center Graphics Previews Common
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F24F876B-7D71-4BD6-88E9-614D3BB84216}" = Alcor Micro Smart Card Reader Driver
"{F6BC20A5-3C48-4675-BDE6-E2E6FED30B9D}" = IRRecevie
"{F70487C4-B639-5576-6DE1-2D2D790AC51A}" = CCC Help Russian
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Final Fight (MAME 0.141 emulation for 64-bit Windows)" = Final Fight (MAME 0.141 emulation for 64-bit Windows)
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{ABC887FA-1BAC-411B-9F0F-21BA16702F15}" = Ulead VideoStudio 11 SE DVD
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NSS" = Norton Security Scan
"O2CZ" = O2
"PDF Complete" = PDF Complete Special Edition
"Registrace uživatele zařízení Canon MP640 series" = Registrace uživatele zařízení Canon MP640 series
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SZCCID" = Alcor Micro Smart Card Reader Driver
"Totalcmd" = Total Commander (Remove or Repair)
"VIP Access SDK" = VIP Access SDK x64(1.0.0.50)
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"Worms 2" = Worms 2
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.9.2011 10:06:34 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 18.9.2011 10:06:34 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 21.9.2011 13:38:17 | Computer Name = notebook | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu HP Software Framework Service nelze ukončit.
Error - 21.9.2011 13:38:47 | Computer Name = notebook | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu QLBController nelze ukončit.
Error - 23.9.2011 10:35:10 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: HPDayStarterService.exe, verze: 2.0.0.12,
časové razítko: 0x4d42d67a Název chybujícího modulu: mfc90u.dll, verze: 9.0.30729.4148,
časové razítko: 0x4a596d4a Kód výjimky: 0x40000015 Posun chyby: 0x0005d38f ID chybujícího
procesu: 0x91c Čas spuštění chybující aplikace: 0x01cc79fc5abc1329 Cesta k chybující
aplikaci: c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
Cesta
k chybujícímu modulu: C:\windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
ID
zprávy: 3cf94d7b-e5f1-11e0-bb30-70f3959b9c9f
Error - 29.9.2011 18:11:06 | Computer Name = notebook | Source = System Restore | ID = 8193
Description =
Error - 3.10.2011 13:06:12 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3.10.2011 13:06:14 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 3.10.2011 13:06:14 | Computer Name = notebook | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 10.10.2011 10:48:20 | Computer Name = notebook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: QuickTime.qts, verze: 7.1.3.100, časové
razítko: 0x44f8bf2f Kód výjimky: 0xc0000005 Posun chyby: 0x00069b97 ID chybujícího
procesu: 0x1460 Čas spuštění chybující aplikace: 0x01cc875b8aacbec4 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts ID zprávy: e5193c82-f34e-11e0-a9f6-70f3959b9c9f
[ HP Connection Manager Events ]
Error - 7.9.2011 16:52:13 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/07 22:52:13.247|00001A04|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 7.9.2011 18:59:24 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 00:59:24.858|000017F8|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 7.9.2011 18:59:29 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 00:59:29.405|0000160C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:00:19 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:00:19.115|000015D8|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:00:19 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:00:19.364|00001BF0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:00:24 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:00:24.790|00001BF0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 8.9.2011 6:42:37 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 12:42:37.295|0000176C|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 8.9.2011 14:12:28 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/08 20:12:28.589|000015B4|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 9.9.2011 7:49:57 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/09 13:49:57.517|000016C4|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 9.9.2011 9:37:40 | Computer Name = notebook | Source = hpCMSrv | ID = 5
Description = 2011/09/09 15:37:40.104|00000CE8|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
[ Media Center Events ]
Error - 25.7.2011 10:27:10 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 16:27:10 - Chyba při připojování k Internetu 16:27:10 - Nelze kontaktovat
server..
Error - 25.7.2011 10:27:34 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 16:27:18 - Chyba při připojování k Internetu 16:27:18 - Nelze kontaktovat
server..
Error - 25.7.2011 11:27:41 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 17:27:41 - Chyba při připojování k Internetu 17:27:41 - Nelze kontaktovat
server..
Error - 25.7.2011 11:27:47 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 17:27:46 - Chyba při připojování k Internetu 17:27:46 - Nelze kontaktovat
server..
Error - 25.7.2011 12:27:55 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 18:27:55 - Chyba při připojování k Internetu 18:27:55 - Nelze kontaktovat
server..
Error - 25.7.2011 12:28:03 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 18:28:00 - Chyba při připojování k Internetu 18:28:00 - Nelze kontaktovat
server..
Error - 30.7.2011 10:55:37 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 16:55:06 - Chyba při připojování k Internetu 16:55:06 - Nelze kontaktovat
server..
Error - 3.10.2011 12:12:47 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 18:12:46 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)
Error - 14.11.2011 4:38:59 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 9:38:59 - Chyba při připojování k Internetu 9:38:59 - Nelze kontaktovat
server..
Error - 14.11.2011 4:39:07 | Computer Name = notebook | Source = MCUpdate | ID = 0
Description = 9:39:04 - Chyba při připojování k Internetu 9:39:04 - Nelze kontaktovat
server..
[ System Events ]
Error - 11.10.2011 17:08:45 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 11.10.2011 17:25:45 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 12.10.2011 4:19:28 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 17.10.2011 17:47:46 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 18.10.2011 4:46:59 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 19.10.2011 4:18:27 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 19.10.2011 9:28:21 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 22.10.2011 10:58:05 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 22.10.2011 16:25:58 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 22.10.2011 17:12:47 | Computer Name = notebook | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\ULCDRHlp.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
< End of report >
Re: Preventivní kontrola
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF IE - HKU\S-1-5-21-801800788-878754999-428713004-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF FF - prefs.js..browser.search.defaultenginename: "AOL Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20111031162408995&tb_oid=31-10-2011&tb_mrud=31-10-2011&query=" FF - prefs.js..browser.search.order.1: "Bing" FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20111031162408995&tb_oid=31-10-2011&tb_mrud=31-10-2011&query=" FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found [2011.10.31 17:24:22 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2011.10.31 17:25:11 | 000,002,354 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\searchplugins\aol-web-search.xml [2011.10.03 15:50:26 | 000,001,945 | ---- | M] () -- C:\Users\Josef Šulc\AppData\Roaming\Mozilla\Firefox\Profiles\kw2xkc5l.default\searchplugins\bing-zugo.xml File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{0B38152B-1B20-484D-A11F-5E04A9B0661F} File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{46D606B0-A645-11DF-981C-0800200C9A66} File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\{5911488E-9D1E-40EC-8CBB-06B231CC153F} File not found (No name found) -- C:\USERS\JOSEF Ĺ ULC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KW2XKC5L.DEFAULT\EXTENSIONS\TEXTLINKS@EPICPLAY.COM CHR - default_search_provider: search_url = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} O4 - HKLM..\Run: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - AutoRun File - [2008.09.10 12:40:51 | 000,000,046 | R--- | M] () - H:\autorun.inf -- [ UDF ] O33 - MountPoints2\{18602cd3-997e-11e0-9391-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{75289a8d-0ea7-11e1-8883-70f3959b9c9f}\Shell - "" = AutoRun O33 - MountPoints2\{a00aaf74-87b5-11e0-8646-c0f8da44090f}\Shell - "" = AutoRun O33 - MountPoints2\D\Shell - "" = AutoRun [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] [5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] [1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ] [1 C:\windows\SoftwareDistribution\Download\526574320ee7f5bde023c570cb3512a8\*.tmp files -> C:\windows\SoftwareDistribution\Download\526574320ee7f5bde023c570cb3512a8\*.tmp -> ] [1 C:\windows\SoftwareDistribution\Download\bb7469ffcf1adc7858de4b4698d93135\*.tmp files -> C:\windows\SoftwareDistribution\Download\bb7469ffcf1adc7858de4b4698d93135\*.tmp -> ] @Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT :services PCSUService Nero BackItUp Scheduler 3 :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "PCSpeedUp"=- "Google Update"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- "NBKeyScan"=- "TaskTray"=- "StartNowToolbarHelper"=- "WinampAgent"=- "SunJavaUpdateSched"=- :files C:\Program Files (x86)\Winamp Toolbar C:\ProgramData\Winamp Toolbar C:\Program Files (x86)\Zrychleni Pocitace C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001Core.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-801800788-878754999-428713004-1001UA.job C:\windows\tasks\HPCeeScheduleForJosef Šulc.job C:\windows\tasks\Norton Security Scan for Josef Šulc.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?