
Request for an RSIT log check

rycmond
Visitor
Posts: 7
Registered: 20 Sep 2011 10:21

#1 Post by rycmond »

Hi,
I would like to ask for a check of the RSIT log.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan Rucker at 2011-11-20 10:17:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 3 GB (4%) free of 71 GB
Total RAM: 3958 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:17:22, on 20.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (moje)\Emsa Save My Work\SaveMyWork.exe
C:\Program Files (moje)\DAEMON Tools Lite\DTLite.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
D:\Program Files (x86)\Dell\Reader 2.1\DellBtrEvent.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (moje)\Miranda IM\miranda32.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Altap Salamander\salamand.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (moje)\pinger\pinger.exe
C:\Program Files\trend micro\Jan Rucker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [DellBtrEvent] D:\Program Files (x86)\Dell\Reader 2.1\DellBtrEvent.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SaveMyWork] C:\Program Files (moje)\Emsa Save My Work\SaveMyWork.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (moje)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jan Rucker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKCU\..\Run: [ManicTime] C:\Program Files (moje)\ManicTime\ManicTime.exe /minimized /name:
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Startup: miranda32 – zástupce.lnk = C:\Program Files (moje)\Miranda IM\miranda32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O4 - Global Startup: TdmNotify.lnk = C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (moje)\LightComp eDoklady Skenováni\iehelper.html
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = a04-0836b.kn.vutbr.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = a04-0836b.kn.vutbr.cz
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = a04-0836b.kn.vutbr.cz
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - D:\Program Files (x86)\Dell\Reader 2.1\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19632 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b8454eb1-2498-43a9-a464-8a611bf3def0 -SystemEventPortName:HostProcess-44500581-54fa-49a3-98d0-5f2c1549bb9e -IoCancelEventPortName:HostProcess-730c43d4-54cb-4773-a660-6b916cebf68d -NonStateChangingEventPortName:HostProcess-24cd3b5c-328e-4bb1-aef0-d7646ce1dd13 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3784c9d2-a9d8-4727-9b0c-f085c4577c3d
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 3840480
\??\C:\Windows\system32\conhost.exe "2142983534379745092125362730515718788421580804460118987271312391983-583500028
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (moje)\Emsa Save My Work\SaveMyWork.exe"
rundll32.exe "C:\Program Files\NVIDIA Corporation\nView\nview64.dll",nViewInitialize
rundll32.exe "C:\Program Files\NVIDIA Corporation\nView\nview.dll",nViewInitialize
"C:\Program Files (moje)\DAEMON Tools Lite\DTLite.exe" -autorun
rundll32.exe "C:\Program Files\NVIDIA Corporation\nView\nview.dll",nViewInitialize
"C:\Program Files (moje)\ManicTime\ManicTime.exe" /minimized /name:
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"D:\Program Files (x86)\Dell\Reader 2.1\DellBtrEvent.exe"
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"D:\Program Files (x86)\Dell\Reader 2.1\DVMExportService.exe"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
WLIDSvcM.exe 1184
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe"
"C:\Program Files (moje)\Miranda IM\miranda32.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /restore
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-14599032481713401074-1224672947-2139094061-156705512-195516123915529106891173688263
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\syswow64\MsiExec.exe -Embedding 52A338034D5E86D3D0F1FCB227DE17BA
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
{B90A57AA-A25A-4602-B47B-12113F9C18EB}
{DC6AF63C-84E4-4915-854B-F19D92192257}
"C:\Program Files (x86)\Altap Salamander\salamand.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6148.62af6c0.1854395265 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 6148 "\\.\pipe\gecko-crash-server-pipe.6148" plugin
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe "C:\Program Files (x86)\Java\jre6" -D__jvm_launched=21834098745 -Xbootclasspath/a:C:\PROGRA~2\Java\jre6\lib\deploy.jar;C:\PROGRA~2\Java\jre6\lib\javaws.jar;C:\PROGRA~2\Java\jre6\lib\plugin.jar -Djava.class.path=C:\PROGRA~2\Java\jre6\classes -Dsun.awt.warmup=true --- -- sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid6148_pipe2,read_pipe_name=jpi2_pid6148_pipe1
"C:\Program Files (x86)\Java\jre6\bin\java.exe" -D__jvm_launched=21834098745 "-Xbootclasspath/a:C:\\PROGRA~2\\Java\\jre6\\lib\\deploy.jar;C:\\PROGRA~2\\Java\\jre6\\lib\\javaws.jar;C:\\PROGRA~2\\Java\\jre6\\lib\\plugin.jar" "-Djava.class.path=C:\\PROGRA~2\\Java\\jre6\\classes" -Dsun.awt.warmup=true "-Dsun.plugin2.jvm.args=-D__jvm_launched=21834098745 \"-Xbootclasspath/a:C:\\\\PROGRA~2\\\\Java\\\\jre6\\\\lib\\\\deploy.jar;C:\\\\PROGRA~2\\\\Java\\\\jre6\\\\lib\\\\javaws.jar;C:\\\\PROGRA~2\\\\Java\\\\jre6\\\\lib\\\\plugin.jar\" \"-Djava.class.path=C:\\\\PROGRA~2\\\\Java\\\\jre6\\\\classes\" -Dsun.awt.warmup=true --- --" sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid6148_pipe2,read_pipe_name=jpi2_pid6148_pipe1
\??\C:\Windows\system32\conhost.exe "-7569490051637695062583298518-1901667349-1226769726-178941527486314829271611540
"C:\Program Files (moje)\pinger\pinger.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 55D0C43C-E20F-CA53-F26A-75F53E39C9CE -Reinvoke
"C:\Users\Jan Rucker\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
prefs.js - "extensions.enabledItems" - "{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}:1.5.2.29, gipsy@pgweb.cz:1.7.0, LogMeInClient@logmein.com:1.0.0.608, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:20110101, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633]
"Description"=12.0.1.633
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (moje)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll
npWebLaunch.dll.~del
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
fcmdSrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\
ffxtlbr@Facemoods.com
gipsy@pgweb.cz
LogMeInClient@logmein.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}

C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-19 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-03-16 381656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll [2011-09-05 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-08-22 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Foxit PDF Creator Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Foxit PDF Creator Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll [2011-09-05 220888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-06-04 392048]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-05-26 487424]
"USCService"=C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2010-06-22 34232]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-26 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2010-09-17 57928]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2007-09-06 406944]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-29 1875048]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2010-07-31 283240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"SaveMyWork"=C:\Program Files (moje)\Emsa Save My Work\SaveMyWork.exe [2004-12-12 471040]
"DAEMON Tools Lite"=C:\Program Files (moje)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Google Update"=C:\Users\Jan Rucker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-09 136176]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe /autorun []
"ManicTime"=C:\Program Files (moje)\ManicTime\ManicTime.exe [2011-10-26 248656]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 17351304]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2011-03-16 273544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2011-04-14 112408]
"PDVDDXSrv"=C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-12-29 140520]
"DellBtrEvent"=D:\Program Files (x86)\Dell\Reader 2.1\DellBtrEvent.exe [2010-05-04 147456]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-03-12 462993]
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [2010-09-04 240112]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"SAOB Monitor"=C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2010-11-16 2536752]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-12-17 5566176]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"NSU_agent"=C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2011-08-11 169264]
"Desktop Disc Tool"=C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [2010-11-01 522736]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-10-09 421736]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"facemoods"=C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe [2011-09-05 362200]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Dell System Manager.lnk - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
TdmNotify.lnk - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe

C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
miranda32 – zástupce.lnk - C:\Program Files (moje)\Miranda IM\miranda32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-15 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceRunOnStartMenu"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-11-20 10:17:17 ----D---- C:\Program Files\trend micro
2011-11-20 10:17:16 ----D---- C:\rsit
2011-11-20 09:19:09 ----D---- C:\Windows\system32\Macromed
2011-11-20 03:06:58 ----D---- C:\Users\Jan Rucker\AppData\Roaming\Altap
2011-11-11 13:05:49 ----D---- C:\Garmin
2011-11-11 12:52:50 ----D---- C:\Users\Jan Rucker\AppData\Roaming\Garmin
2011-11-11 10:00:02 ----D---- C:\Program Files (x86)\facemoods.com
2011-11-09 08:44:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 08:44:27 ----A---- C:\Windows\system32\win32k.sys
2011-11-08 11:02:01 ----D---- C:\Users\Jan Rucker\AppData\Roaming\Nokia Suite
2011-11-08 10:58:22 ----D---- C:\ProgramData\Nokia
2011-11-08 10:54:04 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2011-11-08 10:53:56 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-11-02 22:11:08 ----D---- C:\Program Files (x86)\QuickTime
2011-10-31 17:23:27 ----A---- C:\Windows\system32\drivers\btwrchid.sys
2011-10-31 17:23:27 ----A---- C:\Windows\system32\drivers\btwl2cap.sys
2011-10-31 17:23:27 ----A---- C:\Windows\system32\drivers\btwavdt.sys
2011-10-31 17:23:27 ----A---- C:\Windows\system32\drivers\btwaudio.sys
2011-10-31 17:23:27 ----A---- C:\Windows\system32\drivers\btwampfl.sys
2011-10-31 17:23:27 ----A---- C:\Windows\system32\btwcoins.dll
2011-10-31 15:55:50 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-10-31 15:55:27 ----D---- C:\ProgramData\NVIDIA Corporation
2011-10-31 15:38:45 ----A---- C:\Windows\system32\nvhdap64.dll
2011-10-31 15:38:45 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2011-10-31 15:38:43 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-10-31 15:38:43 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-10-31 15:38:43 ----A---- C:\Windows\system32\OpenCL.dll
2011-10-31 15:38:42 ----A---- C:\Windows\system32\nvoglv64.dll
2011-10-31 15:38:41 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-10-31 15:38:40 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-10-31 15:38:39 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2011-10-31 15:38:39 ----A---- C:\Windows\system32\nvdecodemft.dll
2011-10-31 15:38:37 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-10-31 15:38:37 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-10-31 15:38:37 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-10-31 15:38:37 ----A---- C:\Windows\system32\nvcuvid.dll
2011-10-31 15:38:37 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-10-31 15:38:36 ----A---- C:\Windows\system32\nvcuda.dll
2011-10-31 15:38:29 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2011-10-31 15:38:29 ----A---- C:\Windows\system32\nvcompiler.dll
2011-10-31 15:38:29 ----A---- C:\Windows\system32\nvcod1923.dll
2011-10-31 15:38:29 ----A---- C:\Windows\system32\nvcod.dll
2011-10-31 15:34:48 ----A---- C:\Windows\system32\drivers\Impcd.sys
2011-10-25 17:07:33 ----D---- C:\web1
2011-10-25 17:07:18 ----D---- C:\web

======List of files/folders modified in the last 1 month======

2011-11-20 10:17:23 ----D---- C:\Windows\Temp
2011-11-20 10:17:17 ----RD---- C:\Program Files
2011-11-20 10:06:47 ----D---- C:\Users\Jan Rucker\AppData\Roaming\Skype
2011-11-20 09:54:11 ----D---- C:\Windows\system32\config
2011-11-20 09:19:09 ----D---- C:\Windows\System32
2011-11-20 03:37:53 ----D---- C:\Windows\inf
2011-11-20 03:37:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-20 03:35:56 ----SHD---- C:\Config.Msi
2011-11-20 03:35:55 ----SHD---- C:\Windows\Installer
2011-11-20 03:34:01 ----A---- C:\Windows\SYSWOW64\log.txt
2011-11-20 03:33:18 ----D---- C:\ProgramData\NVIDIA
2011-11-20 03:10:46 ----D---- C:\Windows\Microsoft.NET
2011-11-20 03:10:03 ----D---- C:\ProgramData\Microsoft Help
2011-11-20 03:09:52 ----RSD---- C:\Windows\assembly
2011-11-20 03:05:11 ----A---- C:\Windows\win.ini
2011-11-20 03:05:10 ----D---- C:\Program Files\Common Files\System
2011-11-20 03:01:00 ----D---- C:\ProgramData\LogMeIn
2011-11-19 19:14:01 ----D---- C:\Windows\system32\catroot
2011-11-11 16:25:30 ----D---- C:\Windows\system32\Tasks
2011-11-11 13:06:06 ----D---- C:\Windows\SysWOW64
2011-11-11 13:05:59 ----D---- C:\Windows\system32\DriverStore
2011-11-11 12:48:35 ----D---- C:\Program Files (x86)\Garmin
2011-11-11 10:00:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-11 10:00:02 ----RD---- C:\Program Files (x86)
2011-11-11 09:59:21 ----D---- C:\Program Files (moje)
2011-11-11 09:19:26 ----D---- C:\Users\Jan Rucker\AppData\Roaming\XnView
2011-11-11 03:36:06 ----D---- C:\ProgramData\Sonic
2011-11-11 03:34:07 ----D---- C:\Windows\winsxs
2011-11-11 03:29:35 ----D---- C:\Windows\system32\drivers
2011-11-11 03:29:04 ----D---- C:\ProgramData\CanonIJPLM
2011-11-11 03:27:52 ----SD---- C:\Users\Jan Rucker\AppData\Roaming\Microsoft
2011-11-11 03:03:24 ----D---- C:\Windows\debug
2011-11-11 03:03:23 ----A---- C:\Windows\system32\MRT.exe
2011-11-10 20:28:52 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2011-11-09 14:07:42 ----D---- C:\Program Files (x86)\JDownloader
2011-11-09 13:39:48 ----D---- C:\Program Files\CCleaner
2011-11-09 08:44:19 ----D---- C:\Windows\system32\catroot2
2011-11-09 08:41:57 ----D---- C:\Windows
2011-11-08 10:58:22 ----D---- C:\ProgramData
2011-11-08 10:58:22 ----D---- C:\Program Files (x86)\Nokia
2011-11-08 10:54:04 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-04 08:06:09 ----D---- C:\Users\Jan Rucker\AppData\Roaming\Winamp
2011-11-01 08:30:35 ----D---- C:\Windows\system32\NDF
2011-10-31 16:57:11 ----D---- C:\Windows\Help
2011-10-31 16:07:57 ----RD---- C:\Program Files (x86)\Skype
2011-10-31 16:07:53 ----D---- C:\ProgramData\Skype
2011-10-31 15:58:33 ----D---- C:\Program Files\NVIDIA Corporation
2011-10-31 15:35:14 ----D---- C:\Program Files (x86)\Intel
2011-10-28 17:40:49 ----RD---- C:\Users
2011-10-27 10:12:50 ----D---- C:\Users\Jan Rucker\AppData\Roaming\QIP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 32240]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-03-02 198944]
R0 stdflt;Disk Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdfltn.sys [2010-01-18 21040]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2011-03-02 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2011-03-02 970336]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-31 270912]
R1 DVMIO;DVMIO; \??\D:\Program Files (x86)\Dell\Reader 2.1\dvmio_x64.sys [2010-05-04 20624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-09-17 72216]
R2 risdpcie;risdpcie; C:\Windows\system32\DRIVERS\risdpe64.sys [2010-03-21 81920]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2007-04-27 142120]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-01-18 26160]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2011-03-02 285280]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-06-21 304760]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl; C:\Windows\system32\drivers\btwampfl.sys [2011-10-31 348712]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-10-31 106536]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2011-10-31 138280]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-10-31 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-10-31 21416]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 172960]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2010-08-20 38440]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2010-04-06 301232]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-09-17 11552]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-07-14 7821312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-05-26 506880]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-04-26 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-12 72648]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-04-26 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-04-26 27176]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-05-08 20520]
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2011-05-28 44480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe64.sys [2010-03-21 61952]
S3 rixdpcie;rixdpcie; C:\Windows\system32\DRIVERS\rixdpe64.sys [2010-03-21 55808]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\Windows\system32\DRIVERS\SNTUSB64.SYS [2007-04-27 56872]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-12-17 1112664]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2010-05-26 89600]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-03-02 3246040]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-10-15 953632]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-24 1039776]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-24 31136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 dcpsysmgrsvc;Dell System Manager Service; c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-25 517488]
R2 DvmMDES;DeviceVM Meta Data Export Service; D:\Program Files (x86)\Dell\Reader 2.1\DVMExportService.exe [2010-05-04 327680]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-07-20 1429776]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 InstallFilterService;FF Install Filter Service; C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-01-10 60928]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-10-09 375176]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2011-10-09 147336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-04-14 325912]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2010-11-08 407424]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-31 159336]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-07-20 838928]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2007-04-27 316992]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2007-04-27 206400]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-05-26 258560]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-31 235624]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2010-03-29 2363240]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-04-14 2564376]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 934760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-03-15 2233400]
S2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2011-03-07 8192]
S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2011-04-26 14848]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2010-02-04 1558016]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-08-26 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-02 1255736]

-----------------EOF-----------------

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my RSIT log

#2 Post by vyosek »

Hello, and have a nice day :)

:arrow: I recommend uninstalling the toolbars (browser bars), if you do not use them, in Add or Remove Programs

:arrow: Download OTL (see my signature) and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or "Spustit jako spravce"
  • If you use a 64-bit OS, check whether the "Pro 64 bitové OS" (For 64-bit OS) box is ticked; if not, tick it
  • Tick the "Pro vsechny uzivatele" (For all users) box
  • Tick the 'Kontrola na havet "LOP"' ("LOP" malware check) box
  • Tick the 'Kontrola na havet "Purity"' ("Purity" malware check) box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, "Vlastni skenovani/opravy" (Custom scans/fixes)

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    adp3132.sys
    AGP440.sys
    ahcix86.sys
    ahcix86s.sys
    atapi.sys
    autochk.exe
    cdrom.sys
    cngaudit.dll
    cryptsvc.dll
    eNetHook.dll
    eventlog.dll
    explorer.exe
    hal.dll
    Changer.sys
    iaStor.sys
    iastorv.sys
    IdeChnDr.sys
    isapnp.sys
    JakNDis.sys
    KR10N.sys
    logevent.dll
    lsass.exe
    mv61xx.sys
    ndis.sys
    netlogon.dll
    ntelogon.dll
    nvata.sys
    nvatabus.sys
    nvgts.sys
    nvraid.sys
    nvrd32.sys
    nvstor.sys
    nvstor32.sys
    scecli.dll
    sceclt.dll
    smss.exe
    svchost.exe
    symmpi.sys
    tcpip.sys
    userinit.exe
    vaxscsi.sys
    viamraid.sys
    viasraid.sys
    ViPrt.sys
    winlogon.exe
    ws2_32.dll
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    
    type c:\boot.ini >> test.txt /c
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Prohledat" (Scan) button
  • When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; post both here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

rycmond
Visitor
Visitor
Posts: 7
Registered: 20 Sep 2011 10:21

Re: Please check my RSIT log

#3 Post by rycmond »

Log Extras.txt

OTL Extras logfile created on: 21.11.2011 17:11:37 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jan Rucker\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,87 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 30,26% Memory free
7,73 Gb Paging File | 4,49 Gb Available in Paging File | 58,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69,81 Gb Total Space | 3,92 Gb Free Space | 5,61% Space Free | Partition Type: NTFS
Drive D: | 2,00 Gb Total Space | 1,86 Gb Free Space | 93,29% Space Free | Partition Type: NTFS
Drive E: | 7,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 225,51 Gb Total Space | 13,05 Gb Free Space | 5,79% Space Free | Partition Type: NTFS

Computer Name: A04-0836B | User Name: Jan Rucker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (moje)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (moje)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (moje)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (moje)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0003C1E0-E0E7-49BB-A0F6-4AE6D2B09202}" = UPEK TouchChip Fingerprint Reader
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0DB0EA38-E806-44ED-A892-489F2E305080}" = Dell System Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{4327107B-E95E-415C-9194-458FCED6BF12}" = Software Intel(R) PROSet/Wireless WiFi
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{67154CF5-2C33-41C2-A9F2-A4FBC29482AD}" = Wave Infrastructure Installer
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7AAA00C4-26E6-4EC0-8069-955B0A9D6009}" = Intel(R) Network Connections 15.2.89.0
"{7B7D73E7-79D5-4133-AB7A-E27BB5F64725}" = Dell Control Point 64
"{8E80AF23-17B4-4611-B28E-68A114B23488}" = Dell ControlVault Host Components Installer 64Bit
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BD-0405-1000-0000000FF1CE}" = Jazyk popisů ovládacích prvků systému Microsoft Office 2010 – čeština
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4F53D2C-1FED-4CDF-9D83-4AED82CD0436}" = Gemalto
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B93A5C71-1F05-47c6-A9CD-DB6183CC8B30}" = Canon MF4360-4390
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DDD6BE8C-9AFA-48F1-A6AE-3BD596E2EB0B}" = Trusted Drive Manager
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Balíček ovladače systému Windows - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Canon LBP5050" = Canon LBP5050
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"MatlabR2010b" = MATLAB R2010b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Process_Hacker2_is1" = Process Hacker 2.22
"ProInst" = Intel PROSet Wireless
"PROSetDX" = Intel(R) Network Connections 15.2.89.0
"Recuva" = Recuva
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1" = MOBILedit!4 ver. 4.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf11
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}" = Nokia Software Updater
"{CCB71FF8-DE82-469C-8641-44378F4443EB}" = Garmin WebUpdater
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C71AD7-80EF-4B98-A72C-2AC4FA44433C}" = Topo Pro CD1 Stavanger
"{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D7736EE8-AFCE-4735-BBE3-652CDFBBFCA8}_is1" = Imprudence Viewer 1.4.0 beta 1 (SSE2 optimized)
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1D4364B-04E4-4541-9E32-6B82F4D05CFF}" = ManicTime
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1ED70C2-CAE4-4F42-8885-8687C74936C5}" = eDoklady Skenování 5.1.54
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8D2BE6A-B725-47CD-A931-639A24B8EF10}" = Reader 2.1
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"5513-1208-7298-9440" = JDownloader 0.9
"Altap Salamander 2.54" = Altap Salamander 2.54
"AutoHotkey" = AutoHotkey 1.1.00.00
"avast" = avast! Pro Antivirus
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2010-10-10
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dell Webcam Central" = Dell Webcam Central
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Emsa Save My Work_is1" = Emsa Save My Work 1.0
"Foxit Reader" = Foxit Reader
"GeoGet_is1" = GeoGet 2.6.1.658
"GLVIEW3" = OpenGL Extensions Viewer 3.0
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"Lzo-1.08_is1" = GnuWin32: Lzo version 1.08
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Miranda IM" = Miranda IM 0.9.34
"MoZiGo_is1" = IbaExe+Ssl 2011.11.09.22
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Nokia Suite" = Nokia Suite
"NokiaFREE Unlock Codes Calculator" = NokiaFREE Unlock Codes Calculator
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenSSL_is1" = OpenSSL 0.9.8e
"OpenVPN" = OpenVPN 2.2.0
"PasswordTools" = PasswordTools
"pdfsam" = pdfsam
"PSPad editor_is1" = PSPad editor
"Reader2.1" = Reader 2.1
"RealPlayer 12.0" = RealPlayer
"Registrace uživatele zařízení Canon MP640 series" = Registrace uživatele zařízení Canon MP640 series
"TachographSimulator" = Simulador de Tacografo Digital
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"XnView_is1" = XnView 1.97.8

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

Error - 19.11.2011 22:06:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = nview_info | ID = 0
Description =

[ System Events ]
Error - 20.11.2011 7:00:48 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 20.11.2011 7:00:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = DCOM | ID = 10005
Description =

Error - 20.11.2011 7:00:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 20.11.2011 7:00:55 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 20.11.2011 7:01:04 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = DCOM | ID = 10005
Description =

Error - 20.11.2011 7:01:04 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 20.11.2011 7:01:04 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 21.11.2011 9:09:38 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (14:08:15, ?21.?11.?2011) bylo neočekávané.

Error - 21.11.2011 9:09:41 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = BugCheck | ID = 1001
Description =

Error - 21.11.2011 9:10:19 | Computer Name = a04-0836b.a04-0836b.kn.vutbr.cz | Source = Service Control Manager | ID = 7001
Description = Služba NTRU TSS v1.2.1.29 TCS závisí na službě Služba TPM Base Services,
která neuspěla při spuštění v důsledku následující chyby: %%0


< End of report >

rycmond
Visitor
Posts: 7
Joined: 20 Sep 2011 10:21

Re: Request for RSIT log review

#4 Post by rycmond »

OTL logfile created on: 21.11.2011 17:11:37 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jan Rucker\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,87 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 30,26% Memory free
7,73 Gb Paging File | 4,49 Gb Available in Paging File | 58,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69,81 Gb Total Space | 3,92 Gb Free Space | 5,61% Space Free | Partition Type: NTFS
Drive D: | 2,00 Gb Total Space | 1,86 Gb Free Space | 93,29% Space Free | Partition Type: NTFS
Drive E: | 7,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 225,51 Gb Total Space | 13,05 Gb Free Space | 5,79% Space Free | Partition Type: NTFS

Computer Name: A04-0836B | User Name: Jan Rucker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011.11.21 13:14:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jan Rucker\Desktop\OTL.exe
PRC - [2011.11.09 15:05:29 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.11.07 18:26:58 | 000,820,309 | ---- | M] ( ) -- C:\Program Files (moje)\Miranda IM\miranda32.exe
PRC - [2011.10.27 10:34:30 | 000,718,384 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.10.27 10:33:32 | 000,148,016 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.09.06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.08.11 22:56:02 | 000,169,264 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe
PRC - [2011.08.02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (moje)\DAEMON Tools Lite\DTLite.exe
PRC - [2011.04.14 10:09:50 | 002,564,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.04.14 10:09:44 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.03.02 21:46:36 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011.02.02 21:40:40 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2launcher.exe
PRC - [2011.02.02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\java.exe
PRC - [2010.12.17 10:22:46 | 000,391,144 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010.12.17 10:21:10 | 005,566,176 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2010.11.16 04:06:22 | 002,536,752 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
PRC - [2010.11.01 22:02:12 | 000,522,736 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010.10.15 19:07:52 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.09.02 08:57:48 | 001,774,992 | ---- | M] (ALTAP) -- C:\Program Files (x86)\Altap Salamander\salamand.exe
PRC - [2010.08.25 00:07:00 | 001,802,096 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe
PRC - [2010.07.31 08:27:36 | 000,235,624 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.05.04 22:06:34 | 000,327,680 | ---- | M] (DeviceVM, Inc.) -- D:\Program Files (x86)\Dell\Reader 2.1\DVMExportService.exe
PRC - [2010.05.04 22:06:34 | 000,147,456 | ---- | M] (DeviceVM, Inc.) -- D:\Program Files (x86)\Dell\Reader 2.1\DellBtrEvent.exe
PRC - [2010.03.12 17:42:02 | 000,462,993 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010.03.04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 03:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.12.29 23:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.05.19 18:39:44 | 000,136,544 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.04.27 06:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2007.04.27 00:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2004.12.12 18:41:30 | 000,471,040 | ---- | M] (EMSA Systems) -- C:\Program Files (moje)\Emsa Save My Work\SaveMyWork.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.20 09:19:10 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.09 15:05:29 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.07 18:26:28 | 000,054,361 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\zlib.dll
MOD - [2011.11.07 18:26:16 | 000,338,527 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\ICQ.dll
MOD - [2011.11.07 18:26:02 | 000,036,962 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\dbx_mmap.dll
MOD - [2011.11.07 18:25:50 | 000,061,539 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\clist_classic.dll
MOD - [2011.10.15 08:58:59 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011.10.14 02:35:50 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011.10.14 02:35:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.14 02:35:00 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.14 02:34:48 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.14 02:34:19 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.14 02:34:08 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.14 02:34:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.14 02:34:01 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.14 02:33:40 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.09.27 19:52:50 | 000,176,128 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\facebook.dll
MOD - [2011.09.08 22:47:50 | 000,094,315 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\StartupStatus.dll
MOD - [2011.09.08 22:44:54 | 000,069,745 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\AdvancedAutoAway.dll
MOD - [2011.09.08 22:06:00 | 000,114,688 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\Variables.dll
MOD - [2011.08.11 22:56:02 | 000,169,264 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.03.19 23:31:02 | 000,099,328 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\updater.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.08 14:31:58 | 000,049,152 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\ipviewer.dll
MOD - [2011.02.02 21:39:56 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2011.01.04 12:11:26 | 000,563,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\WidgetLibrary.dll
MOD - [2011.01.04 12:08:14 | 001,905,664 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\styles\OviCommonStyle.dll
MOD - [2010.12.30 11:43:14 | 008,183,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\qtgui4.dll
MOD - [2010.12.30 11:43:12 | 002,286,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\qtcore4.dll
MOD - [2010.12.17 10:20:28 | 011,181,408 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
MOD - [2010.11.13 03:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.03 07:03:24 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\imageformats\qsvg4.dll
MOD - [2010.11.03 04:30:40 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\QtSvg4.dll
MOD - [2010.11.03 04:01:04 | 000,914,432 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\qtnetwork4.dll
MOD - [2010.11.03 03:59:40 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Updater\qtxml4.dll
MOD - [2010.11.01 22:02:12 | 000,522,736 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.09.02 12:06:18 | 000,242,176 | ---- | M] () -- C:\Program Files (x86)\Altap Salamander\lang\czech.slg
MOD - [2010.09.02 12:06:18 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\Altap Salamander\plugins\uniso\lang\czech.slg
MOD - [2010.08.30 10:34:12 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010.08.22 13:53:52 | 000,086,116 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\KeepStatus.dll
MOD - [2010.07.29 00:33:54 | 001,124,968 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvwimg.dll
MOD - [2010.07.29 00:33:50 | 002,452,072 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2009.07.14 16:17:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2008.04.15 22:42:54 | 000,585,728 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\historystats.dll
MOD - [2008.04.14 11:34:40 | 000,158,208 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\svc_vi.dll
MOD - [2007.05.13 11:20:20 | 000,028,160 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\mRadio.dll
MOD - [2007.01.23 15:39:18 | 000,429,056 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\crashrpt.dll
MOD - [2006.06.21 15:21:46 | 000,057,344 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\AAAIdle.dll
MOD - [2003.05.12 21:34:38 | 000,045,056 | ---- | M] () -- C:\Program Files (moje)\Miranda IM\Plugins\contactvisibility.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.10.15 19:07:52 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.09.23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.08.25 00:07:24 | 000,517,488 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV:64bit: - [2010.07.20 01:08:30 | 001,429,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010.07.20 00:46:54 | 000,838,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010.05.26 12:54:32 | 000,258,560 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010.05.26 12:53:26 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010.03.29 20:00:58 | 002,363,240 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV:64bit: - [2010.03.24 07:07:58 | 001,039,776 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV:64bit: - [2010.03.24 07:07:58 | 000,031,136 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV:64bit: - [2010.02.04 00:53:54 | 001,558,016 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.10.09 22:14:50 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2011.10.09 22:14:28 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011.06.16 09:34:16 | 000,080,256 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011.04.26 10:21:06 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2011.04.14 10:09:50 | 002,564,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011.04.14 10:09:44 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011.03.07 23:28:57 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011.03.02 21:46:36 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.12.17 10:24:42 | 001,112,664 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.11.08 12:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010.07.31 08:27:36 | 000,235,624 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.05.04 22:06:34 | 000,327,680 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- D:\Program Files (x86)\Dell\Reader 2.1\DVMExportService.exe -- (DvmMDES)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Úložná technologie Intel(R)
SRV - [2010.01.10 19:01:38 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.11.12 20:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007.04.27 06:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007.04.27 00:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2007.03.15 10:06:12 | 002,233,400 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe -- (AcronisOSSReinstallSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.10.31 17:19:49 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011.10.31 17:19:49 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.10.31 17:19:49 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.10.31 17:19:49 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.10.31 17:19:48 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.10.09 22:14:31 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011.09.06 21:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 21:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 21:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 21:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 21:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 21:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.08.31 13:12:50 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.17 12:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.08.17 12:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.08.17 12:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.17 12:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.05.28 09:25:00 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.26 23:21:50 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.04.26 23:21:50 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.04.26 10:21:06 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.02 22:14:35 | 000,198,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011.03.02 21:46:36 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011.03.02 21:46:34 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2011.03.02 21:46:34 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.09.17 15:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010.09.17 15:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010.08.20 23:58:40 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:64bit: - [2010.07.14 13:42:58 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Ovladač adaptéru řady Intel(R)
DRV:64bit: - [2010.07.12 13:49:14 | 000,072,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2010.06.21 15:07:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.06.21 12:07:24 | 000,304,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.05.26 12:54:38 | 000,506,880 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.04.06 09:37:42 | 000,301,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2010.03.21 20:25:04 | 000,081,920 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2010.03.21 20:25:04 | 000,061,952 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2010.03.21 20:25:04 | 000,055,808 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2010.03.19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.02.26 23:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.18 14:56:26 | 000,026,160 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.01.18 14:56:26 | 000,021,040 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdfltn.sys -- (stdflt)
DRV:64bit: - [2009.09.17 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.09.16 23:08:48 | 000,172,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.08 16:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.04 21:14:00 | 000,032,240 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PBADRV.SYS -- (PBADRV)
DRV:64bit: - [2007.04.27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2007.04.27 06:40:00 | 000,056,872 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SNTUSB64.SYS -- (SNTUSB64)
DRV - [2010.09.17 15:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2010.05.04 22:06:34 | 000,020,624 | ---- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- D:\Program Files (x86)\Dell\Reader 2.1\dvmio_x64.sys -- (DVMIO)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2001.11.13 09:47:26 | 000,041,324 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winio.sys -- (WINIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mojebanka.cz/
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/"
FF - prefs.js..extensions.enabledItems: gipsy@pgweb.cz:1.7.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (moje)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan Rucker\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan Rucker\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.09.20 13:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.03.16 17:35:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2011.11.08 10:58:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.09 15:05:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.02 22:11:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.11.02 22:11:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011.11.08 10:58:38 | 000,000,000 | ---D | M]

[2011.03.01 16:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Extensions
[2011.03.01 16:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.11.21 13:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions
[2011.10.29 19:07:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.08.31 13:00:50 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.03.01 16:20:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.09.22 23:19:26 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.03.01 16:20:23 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2011.09.11 10:13:27 | 000,000,000 | ---D | M] ("GiPSy Flight Manager") -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\gipsy@pgweb.cz
[2011.09.26 12:44:28 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\LogMeInClient@logmein.com
[2011.03.02 23:10:48 | 000,002,059 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\daemon-search.xml
[2011.11.20 09:32:27 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-1.xml
[2010.04.07 22:10:32 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-2.xml
[2010.07.01 12:17:04 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-3.xml
[2010.07.12 10:52:52 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-4.xml
[2010.07.30 14:03:10 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-5.xml
[2011.02.21 17:15:58 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-6.xml
[2010.01.25 10:06:43 | 000,000,955 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin.xml
[2011.10.27 10:12:47 | 000,002,062 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\qip-search.xml
[2011.11.09 15:05:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\JAN RUCKER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DXETBOOB.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JAN RUCKER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DXETBOOB.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2011.11.09 15:05:29 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.11.11 10:00:06 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2010.01.01 09:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 09:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 09:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 09:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 09:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Jan Rucker\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\
CHR - Extension: No name found = C:\Users\Jan Rucker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: No name found = C:\Users\Jan Rucker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0\

O1 HOSTS File: ([2011.08.31 21:23:41 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CNAP2 Launcher] C:\Windows\SysNative\spool\drivers\x64\3\CNAP2LAK.EXE (CANON INC.)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4:64bit: - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellBtrEvent] D:\Program Files (x86)\Dell\Reader 2.1\DellBtrEvent.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000..\Run: [DAEMON Tools Lite] C:\Program Files (moje)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000..\Run: [ManicTime] C:\Program Files (moje)\ManicTime\ManicTime.exe (Finkit d.o.o.)
O4 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000..\Run: [SaveMyWork] C:\Program Files (moje)\Emsa Save My Work\SaveMyWork.exe (EMSA Systems)
O4 - Startup: C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\miranda32 – zástupce.lnk = C:\Program Files (moje)\Miranda IM\miranda32.exe ( )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceRunOnStartMenu = 1
O7 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Export do &Tahiti - C:\Program Files (moje)\LightComp eDoklady Skenováni\iehelper.html File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (moje)\LightComp eDoklady Skenováni\iehelper.html File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.190.143 147.229.191.143 89.190.64.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = a04-0836b.kn.vutbr.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D292687-B27C-47C8-97D1-C1DE8EC0E2B4}: DhcpNameServer = 147.229.190.143 147.229.191.143 89.190.64.20
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.05.18 08:50:34 | 000,000,124 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

rycmond
Visitor
Posts: 7
Registered: 20 Sep 2011 10:21

Re: Please check my RSIT log

#5 Post by rycmond »

========== Files/Folders - Created Within 7 Days ==========

[2011.11.21 13:14:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jan Rucker\Desktop\OTL.exe
[2011.11.21 13:11:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.11.21 13:09:37 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.11.20 17:31:21 | 000,000,000 | ---D | C] -- C:\Users\Jan Rucker\Documents\New Folder
[2011.11.20 11:15:56 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Jan Rucker\Desktop\TFC.exe
[2011.11.20 10:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.20 09:19:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.11.20 03:06:58 | 000,000,000 | ---D | C] -- C:\Users\Jan Rucker\AppData\Roaming\Altap

========== Files - Modified Within 7 Days ==========

[2011.11.21 17:15:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.21 17:08:18 | 000,000,600 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Local\PUTTY.RND
[2011.11.21 16:55:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000UA.job
[2011.11.21 14:16:48 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.21 14:16:47 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.21 14:09:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.21 14:09:22 | 3112,562,688 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.21 13:14:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jan Rucker\Desktop\OTL.exe
[2011.11.20 20:55:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000Core.job
[2011.11.20 12:04:08 | 000,007,597 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Local\Resmon.ResmonCfg
[2011.11.20 11:57:08 | 000,424,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.20 11:54:06 | 000,000,600 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\winscp.rnd
[2011.11.20 11:15:59 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Jan Rucker\Desktop\TFC.exe
[2011.11.20 11:04:35 | 001,470,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.20 11:04:35 | 000,631,526 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.11.20 11:04:35 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.20 11:04:35 | 000,122,148 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.11.20 11:04:35 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.20 10:15:43 | 000,935,175 | ---- | M] () -- C:\Users\Jan Rucker\Desktop\RSITx64.exe
[2011.11.20 09:19:10 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.20 08:03:04 | 000,002,429 | ---- | M] () -- C:\Users\Jan Rucker\Desktop\Google Chrome.lnk
[2011.11.19 21:25:19 | 000,028,752 | ---- | M] () -- C:\Users\Jan Rucker\Desktop\The-Big-Bang-Theory-S01E03---The-Fuzzy-Boots-Corollary.srt

========== Files Created - No Company Name ==========

[2011.11.21 13:24:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.20 10:25:46 | 000,007,597 | ---- | C] () -- C:\Users\Jan Rucker\AppData\Local\Resmon.ResmonCfg
[2011.11.20 10:15:36 | 000,935,175 | ---- | C] () -- C:\Users\Jan Rucker\Desktop\RSITx64.exe
[2011.11.19 21:25:18 | 000,028,752 | ---- | C] () -- C:\Users\Jan Rucker\Desktop\The-Big-Bang-Theory-S01E03---The-Fuzzy-Boots-Corollary.srt
[2011.10.29 19:08:09 | 000,000,096 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011.10.29 19:07:41 | 000,000,090 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2011.09.20 15:05:38 | 000,003,584 | ---- | C] () -- C:\Users\Jan Rucker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.31 13:51:12 | 000,041,324 | ---- | C] () -- C:\Windows\SysWow64\winio.sys
[2011.08.31 13:49:37 | 000,000,080 | ---- | C] () -- C:\Windows\matlab.ini
[2011.07.12 00:50:50 | 000,000,412 | ---- | C] () -- C:\Users\Jan Rucker\AppData\Roaming\All CPU Meter_Settings.ini
[2011.06.19 18:06:18 | 000,080,256 | ---- | C] () -- C:\Windows\SysWow64\ezGOSvc.dll
[2011.06.10 15:26:42 | 000,039,712 | ---- | C] () -- C:\Windows\SysWow64\ASL.dll
[2011.03.30 14:05:53 | 000,028,672 | ---- | C] () -- C:\Windows\lmunin2.exe
[2011.03.07 23:33:26 | 000,386,923 | ---- | C] () -- C:\Windows\KMSAct.exe
[2011.03.07 23:29:44 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011.03.02 08:24:37 | 000,000,600 | ---- | C] () -- C:\Users\Jan Rucker\AppData\Local\PUTTY.RND
[2011.03.01 16:55:16 | 000,000,600 | ---- | C] () -- C:\Users\Jan Rucker\AppData\Roaming\winscp.rnd
[2011.03.01 13:45:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.19 09:42:17 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2009.11.10 18:20:04 | 000,839,680 | ---- | C] () -- C:\Windows\SysWow64\DemoLicense.dll
[2009.11.10 18:07:44 | 000,917,504 | ---- | C] () -- C:\Windows\SysWow64\lmgr10.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.03.02 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Acronis
[2011.11.20 03:06:58 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Altap
[2011.03.01 13:24:50 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Broadcom
[2011.09.15 10:35:23 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Canon
[2011.06.30 17:38:04 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\CD-LabelPrint
[2011.09.02 09:55:27 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\DAEMON Tools Lite
[2011.03.02 16:11:09 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Foxit Software
[2011.11.11 12:52:50 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Garmin
[2011.05.07 17:16:42 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\GeoGet
[2011.06.30 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\GHISLER
[2011.08.03 13:21:09 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\go
[2011.07.15 23:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Imprudence
[2011.09.15 10:34:52 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\LightComp
[2011.09.20 14:33:05 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\MOBILedit
[2011.03.08 12:12:03 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo
[2011.06.27 19:54:43 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Nokia
[2011.06.27 19:54:44 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Nokia Ovi Suite
[2011.11.08 11:02:01 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Nokia Suite
[2011.05.18 21:03:03 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\O2
[2011.08.31 13:07:15 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\OpenCandy
[2011.09.20 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\PC Suite
[2011.09.21 16:25:30 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\pdfforge
[2011.09.21 19:48:57 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Process Hacker 2
[2011.10.27 10:12:50 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\QIP
[2011.06.06 23:08:37 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Rapid Software
[2011.10.14 07:44:26 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\redsn0w
[2011.07.10 01:15:27 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\SecondLife
[2011.06.20 09:30:33 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\TeamViewer
[2011.05.15 21:57:55 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\thriXXX
[2011.03.01 16:37:26 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Thunderbird
[2011.08.31 13:48:06 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Wave Systems Corp
[2011.11.11 09:19:26 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\XnView
[2011.09.14 23:24:01 | 000,021,222 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\ERDNT\cache64\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\ERDNT\cache86\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2010.01.26 22:29:28 | 000,028,797 | ---- | M] () MD5=4571E750E4A920D773511F50A2E62A20 -- C:\Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2011.01.19 11:27:14 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.01.19 11:27:32 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.01.19 11:27:14 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2011.01.19 11:27:19 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011.01.19 11:27:32 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2011.01.19 11:27:19 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011.01.19 11:27:32 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2011.01.19 11:27:19 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.01.19 11:27:32 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.01.19 11:27:14 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011.01.19 11:27:19 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2011.01.19 11:27:14 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Drivers\storage\R268417\iaStor.sys
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_ff424d2ceda634a2\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.01.19 11:27:36 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2011.01.19 11:27:36 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys


< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\ERDNT\cache64\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\ERDNT\cache64\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2011.01.19 11:27:36 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=491E3CF1A4F0869E32197E34603B9BE1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
[2011.01.19 11:27:36 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=DEAB10231CBDB0881FC25428EBE11506 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.01.19 11:27:36 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.01.19 11:27:36 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2011.01.19 11:27:35 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2011.01.19 11:27:35 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011.01.19 11:27:32 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011.01.19 11:27:32 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\ERDNT\cache64\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\ERDNT\cache86\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[16 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.03.02 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Acronis
[2011.03.26 21:03:28 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Adobe
[2011.11.20 03:06:58 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Altap
[2011.07.27 20:38:14 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Apple Computer
[2011.03.01 13:24:50 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Broadcom
[2011.09.15 10:35:23 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Canon
[2011.06.30 17:38:04 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\CD-LabelPrint
[2011.03.01 13:24:45 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Creative
[2011.03.01 16:16:28 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\CyberLink
[2011.09.02 09:55:27 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\DAEMON Tools Lite
[2011.03.02 16:11:09 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Foxit Software
[2011.11.11 12:52:50 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Garmin
[2011.05.07 17:16:42 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\GeoGet
[2011.06.30 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\GHISLER
[2011.08.03 13:21:09 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\go
[2011.03.01 13:24:19 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Identities
[2011.07.15 23:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Imprudence
[2011.03.01 17:25:36 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Intel
[2011.03.01 13:24:56 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Intel Corporation
[2011.09.15 10:34:52 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\LightComp
[2011.03.01 13:25:45 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Macromedia
[2011.03.08 00:14:54 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Macrovision
[2011.06.07 16:47:16 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Malwarebytes
[2011.09.01 11:25:05 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\MathWorks
[2011.01.19 11:02:42 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Media Center Programs
[2011.07.27 20:39:59 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Media Player Classic
[2011.11.11 03:27:52 | 000,000,000 | --SD | M] -- C:\Users\Jan Rucker\AppData\Roaming\Microsoft
[2011.09.20 14:33:05 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\MOBILedit
[2011.03.08 12:12:03 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo
[2011.04.15 22:13:48 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla
[2011.06.27 19:54:43 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Nokia
[2011.06.27 19:54:44 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Nokia Ovi Suite
[2011.11.08 11:02:01 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Nokia Suite
[2011.05.18 21:03:03 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\O2
[2011.08.31 13:07:15 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\OpenCandy
[2011.09.20 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\PC Suite
[2011.09.21 16:25:30 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\pdfforge
[2011.09.21 19:48:57 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Process Hacker 2
[2011.06.30 17:05:19 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\PSpad
[2011.10.27 10:12:50 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\QIP
[2011.06.06 23:08:37 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Rapid Software
[2011.05.29 17:14:05 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Real
[2011.10.14 07:44:26 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\redsn0w
[2011.09.26 13:33:53 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Roxio
[2011.09.26 13:52:41 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Roxio Burn
[2011.11.20 11:45:53 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Roxio Log Files
[2011.07.10 01:15:27 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\SecondLife
[2011.11.21 17:22:45 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Skype
[2011.06.16 09:09:54 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\skypePM
[2011.06.20 09:30:33 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\TeamViewer
[2011.05.15 21:57:55 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\thriXXX
[2011.03.01 16:37:26 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Thunderbird
[2011.11.20 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\vlc
[2011.08.31 13:48:06 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Wave Systems Corp
[2011.11.20 13:43:48 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\Winamp
[2011.03.04 00:03:40 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\WinRAR
[2011.11.11 09:19:26 | 000,000,000 | ---D | M] -- C:\Users\Jan Rucker\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2011.09.20 14:00:44 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Installer\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\ARPPRODUCTICON.exe
[2011.09.20 14:00:44 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Installer\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2011.09.20 14:00:44 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Installer\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2011.09.20 14:00:44 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Installer\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2011.09.20 14:00:44 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Installer\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2011.08.05 09:57:48 | 000,000,000 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MOBILedit\MOBILEditUpdate.exe
[2011.01.06 11:57:30 | 000,344,576 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\Barla.exe
[2011.03.06 08:30:40 | 006,934,016 | ---- | M] (Home) -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\MoZiGo.exe
[2011.03.07 17:17:24 | 000,716,833 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\unins000.exe
[1999.12.21 18:42:22 | 000,064,512 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\zip.exe
[2011.01.06 11:57:30 | 000,344,576 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\backup\Barla.exe
[2011.02.06 18:17:50 | 006,632,448 | ---- | M] (Home) -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\backup\MoZiGo.exe
[2010.03.18 09:46:28 | 004,428,707 | ---- | M] (Phil Harvey) -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\ExifTool\ExifTool.exe
[2008.05.18 19:46:48 | 000,460,800 | ---- | M] (Irfan Skiljan) -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\ExifTool\i_view32.exe
[2009.10.03 21:19:54 | 001,414,248 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\GpsBabel\GpsBabel.exe
[2011.01.05 19:46:12 | 000,835,584 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\Kmz\ozimaptokmz.exe
[1999.12.21 16:42:22 | 000,064,512 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\Kmz\zip.exe
[2011.01.19 22:54:04 | 000,671,232 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\Mapky\Mapky.exe
[2008.10.24 11:50:00 | 001,519,616 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\MoBiGen\MobiGen.exe
[2009.05.06 20:32:00 | 000,052,224 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\PPC\MoZ.exe
[2010.02.12 22:57:04 | 000,779,776 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\MoZiGo\Websrv\MaZuWeb.exe
[2008.08.29 09:01:22 | 000,018,040 | ---- | M] ( ) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome\content\getPlus_Adobe_reg.exe
[2008.08.29 09:01:22 | 000,013,880 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome\content\getPlus_Adobe_reg_bootstrap.exe
[2011.05.19 10:06:56 | 000,374,160 | ---- | M] (LogMeIn, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardian.exe
[2011.05.16 12:31:42 | 000,070,984 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\LogMeInClient@logmein.com\plugins\LMIProxyHelper.exe
[2011.08.31 13:07:16 | 000,416,160 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\OpenCandy\OpenCandy_601D09E896024188AD20F89EA09FD06A\LatestDLMgr.exe
[2011.08.01 23:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Users\Jan Rucker\AppData\Roaming\OpenCandy\OpenCandy_601D09E896024188AD20F89EA09FD06A\pcspeedup.exe
[2011.11.11 13:25:26 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
[2011.11.11 16:26:00 | 025,881,552 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_data\RealPlayer.exe
[2011.11.11 16:25:32 | 000,684,288 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jan Rucker\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_exe\RealPlayer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.11.20 09:19:10 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2011.11.21 14:12:45 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"SaveMyWork" = C:\Program Files (moje)\Emsa Save My Work\SaveMyWork.exe -- [2004.12.12 18:41:30 | 000,471,040 | ---- | M] (EMSA Systems)
"DAEMON Tools Lite" = "C:\Program Files (moje)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.08.02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Jan Rucker\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.05.09 11:50:43 | 000,136,176 | ---- | M] (Google Inc.)
"ManicTime" = C:\Program Files (moje)\ManicTime\ManicTime.exe /minimized /name: -- [2011.10.26 08:24:18 | 000,248,656 | ---- | M] (Finkit d.o.o.)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.10.13 09:27:14 | 017,351,304 | R--- | M] (Skype Technologies S.A.)
"" =
"NokiaSuite.exe" = C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray -- [2011.11.01 15:40:04 | 001,053,056 | ---- | M] (Nokia)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.21 17:15:21 | 000,000,512 | ---- | M] () MD5=82AEB780BDF6E7C6E8A424A7E6AE4520 -- C:\PhysicalMBR.bin

rycmond
Visitor
Posts: 7
Registered: 20 Sep 2011 10:21

Re: Please check my RSIT log

#6 Post by rycmond »

< >

< *crack* /s >
[2011.11.02 10:49:20 | 000,004,328 | ---- | M] () -- \Program Files (moje)\JDownloader\jd\plugins\hoster\CrackedCom.class
[2001.02.09 12:03:10 | 000,000,483 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\pde\crackb.m
[2003.10.21 07:26:04 | 000,002,931 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\pde\crackg.m
[2005.03.07 12:35:58 | 000,000,091 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\pde\ja\crackb.m
[2005.03.07 12:35:58 | 000,000,582 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\pde\ja\crackg.m
[2011.08.29 23:27:55 | 000,017,910 | ---- | M] () -- \Program Files (moje)\MoZiGo\HTM\Louskacek _ NutCracker_GCJ9B8.htm
[2002.01.24 23:03:30 | 000,012,288 | ---- | M] () -- \Program Files (x86)\totalcommader\Crack.exe
[2002.01.24 23:07:58 | 000,000,181 | ---- | M] () -- \Program Files (x86)\totalcommader\Crack.exe.sig
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Users\Jan Rucker\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif

< *keygen* /s >

< *loader* /s >
[2011.11.02 10:49:20 | 000,214,528 | ---- | M] () -- \Program Files (moje)\JDownloader\JDownloader.exe
[2011.11.02 10:49:20 | 000,593,293 | ---- | M] () -- \Program Files (moje)\JDownloader\JDownloader.jar
[2011.11.02 10:49:20 | 000,218,816 | ---- | M] () -- \Program Files (moje)\JDownloader\JDownloaderBETA.exe
[2011.11.02 10:49:20 | 000,218,816 | ---- | M] () -- \Program Files (moje)\JDownloader\JDownloaderD3D.exe
[2011.11.11 10:00:41 | 000,000,105 | ---- | M] () -- \Program Files (moje)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2011.11.02 10:49:20 | 000,007,069 | ---- | M] () -- \Program Files (moje)\JDownloader\jd\plugins\hoster\UploaderPl.class
[2011.11.02 10:49:20 | 000,032,222 | ---- | M] () -- \Program Files (moje)\JDownloader\licenses\jdownloader.license
[2009.11.05 20:42:58 | 000,026,669 | ---- | M] () -- \Program Files (moje)\LightComp eDoklady Skenováni\chrome\pageloader.jar
[2009.11.05 19:30:24 | 000,000,048 | ---- | M] () -- \Program Files (moje)\LightComp eDoklady Skenováni\chrome\pageloader.manifest
[2010.07.12 23:20:42 | 000,000,816 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\bin\registry\dotnetcli_loader.xml
[2010.08.02 15:40:12 | 000,008,704 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\bin\win64\dotnetcli_loader.dll
[2010.07.12 21:15:40 | 000,014,105 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\help\toolbox\javabuilder\MWArrayAPI\com\mathworks\toolbox\javabuilder\MWCtfClassLoaderSource.html
[2009.09.21 06:46:08 | 000,015,003 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\AutoLoader.pm
[2005.09.12 13:21:36 | 000,000,727 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\ByteLoader.pm
[2010.01.26 21:16:30 | 000,027,274 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\DynaLoader.pm
[2008.10.25 14:58:38 | 000,017,776 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\SelfLoader.pm
[2010.01.26 21:16:30 | 000,010,882 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\XSLoader.pm
[2010.01.26 21:18:04 | 000,032,875 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.dll
[2008.06.07 07:04:56 | 000,001,378 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\sys\perl\win32\lib\Locale\Maketext\GutsLoader.pm
[2010.02.17 13:46:06 | 000,008,886 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\datafeed\datafeed\rdthloader.m
[2010.02.17 13:46:06 | 000,009,314 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\datafeed\datafeed\rnseloader.m
[2010.01.31 22:11:52 | 000,011,380 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\instrument\instrument\private\privateIviComLoader.m
[2008.10.08 12:14:06 | 000,000,257 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\local\classloader.txt
[2008.03.13 13:38:08 | 000,609,990 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\physmod\sh\shdemos\front_loader.bmp
[2009.12.31 13:57:46 | 000,203,729 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\physmod\sh\shdemos\sh_front_loader_actuation_system.mdl
[2010.06.30 02:05:16 | 000,004,356 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\physmod\sh\shdemos\html\sh_front_loader_actuation_system.html
[2010.06.30 02:05:16 | 000,006,028 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\physmod\sh\shdemos\html\sh_front_loader_actuation_system.png
[2010.06.30 02:05:04 | 000,192,438 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\physmod\sh\shdemos\html\sh_front_loader_actuation_system_01.png
[2010.08.08 22:39:12 | 000,008,192 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\symbolic\symbolic\mupadmexunloader.mexw64
[2010.04.21 17:19:44 | 000,003,482 | ---- | M] () -- \Program Files (moje)\MATLAB\R2010b\toolbox\systemtest\systemtest\+systest\+internal\+loading\@TestLoader\TestLoader.m
[2010.05.26 10:46:58 | 000,159,912 | ---- | M] () -- \Program Files (moje)\MOBILedit!4\WebVideoDownloader.exe
[2011.09.05 13:46:19 | 000,015,810 | ---- | M] () -- \Program Files (moje)\MoZiGo\HTM\Wunderwanderweg Station 5 Heavy loaders_GC2Z1FR.htm
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.09.01 12:13:30 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.12.29 23:36:06 | 000,011,177 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD DX\mm\MediaCtrl\ImageLoader.kc
[2008.12.02 18:02:08 | 000,081,920 | ---- | M] () -- \Program Files (x86)\Dell Webcam\Dell Webcam Central\uploader.crl
[2008.12.02 18:10:04 | 000,405,504 | ---- | M] () -- \Program Files (x86)\Dell Webcam\Dell Webcam Central\UtubeUploader.dll
[2011.06.05 17:40:30 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2011.04.26 10:28:20 | 000,009,885 | ---- | M] () -- \Program Files (x86)\vizi\Virtual CRASH 22\Shapes\c - vehicles 3d\b - medium\g - heavy machine\Caterpillar Wheel Loader.png
[2011.04.26 10:28:20 | 000,570,271 | ---- | M] () -- \Program Files (x86)\vizi\Virtual CRASH 22\Shapes\c - vehicles 3d\b - medium\g - heavy machine\Caterpillar Wheel Loader.vcm
[2010.10.07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.03.15 11:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.11.11 09:59:43 | 000,001,763 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011.11.11 09:59:43 | 000,001,742 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.11.11 09:59:43 | 000,001,784 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.03.16 17:35:47 | 000,001,399 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.03.16 17:35:47 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2011.11.11 09:59:43 | 000,001,763 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011.11.11 09:59:43 | 000,001,742 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.11.11 09:59:43 | 000,001,784 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.03.16 17:35:47 | 000,001,399 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.03.16 17:35:47 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2011.08.31 13:07:14 | 000,057,728 | ---- | M] () -- \Users\Jan Rucker\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.08.31 13:07:14 | 000,057,728 | ---- | M] () -- \Users\Jan Rucker\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.08.31 13:07:14 | 000,057,728 | ---- | M] () -- \Users\Jan Rucker\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.11.11 09:52:48 | 026,685,568 | ---- | M] () -- \Users\Jan Rucker\Desktop\JDownloaderSetup.exe
[2011.08.31 13:23:37 | 000,005,318 | ---- | M] () -- \Users\Jan Rucker\Documents\Add-in Express\adxloader.log
[2010.05.26 09:49:10 | 000,065,936 | ---- | M] () -- \Users\Public\Documents\MobilEdit!\Czech\WebInfo\MOBILedit!_files\downloader_screen.jpg
[2010.05.26 09:49:10 | 000,065,936 | ---- | M] () -- \Users\Public\Documents\MobilEdit!\English\WebInfo\MOBILedit!_files\downloader_screen.jpg
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2011.04.29 01:29:46 | 000,131,072 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\C09AA69C0ED973C4292F94CCF38E3C03\3.0.495\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2011.04.14 10:35:32 | 000,131,072 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-3630257376-3087971153-16267649-1000\FECF7F8A6AC39EC4F8AEB81BF868680F\2.7.4\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.05.17 16:14:22 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.17 16:14:22 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.05.17 16:14:22 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.05.17 16:14:22 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.05.17 16:14:22 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for an RSIT log check

#7 Post by vyosek »

:arrow: Run OTL again
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • Paste the script below into the bottom box, Vlastni skenovani/opravy (Custom Scans/Fixes)
  • Code:

    :otl
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
    IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
    IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
    IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
    IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
    IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
    [2011.09.22 23:19:26 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
    [2011.03.02 23:10:48 | 000,002,059 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\daemon-search.xml
    [2011.11.20 09:32:27 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-1.xml
    [2010.04.07 22:10:32 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-2.xml
    [2010.07.01 12:17:04 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-3.xml
    [2010.07.12 10:52:52 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-4.xml
    [2010.07.30 14:03:10 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-5.xml
    [2011.02.21 17:15:58 | 000,000,950 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-6.xml
    [2010.01.25 10:06:43 | 000,000,955 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin.xml
    [2011.10.27 10:12:47 | 000,002,062 | ---- | M] () -- C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\qip-search.xml
    CHR - default_search_provider: ()
    CHR - default_search_provider: search_url =
    CHR - default_search_provider: suggest_url = 
    O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
    O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
    O3 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000..\Run: [] File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O15 - HKU\S-1-5-21-3630257376-3087971153-16267649-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\ms-help - No CLSID value found
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    [3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
    [3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
    
    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "Google Update"=-
    "Infium"=-
    "Skype"=-
    ""=-
    "NokiaSuite.exe"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "NSU_agent"=-
    "Desktop Disc Tool"=-
    "APSDaemon"=-
    "iTunesHelper"=-
    "QuickTime Task"=-
    "facemoods"=-
    
    :files
    C:\Program Files (x86)\facemoods.com
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000UA.job
    C:\Program Files (x86)\Ask.com
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Then click Opravit (Run Fix)
  • The PC will perform the fix, restart, and give you a log; paste its contents here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

rycmond
Visitor
Posts: 7
Joined: 20 Sep 2011 10:21

Re: Request for an RSIT log check

#8 Post by rycmond »

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "http://search.icq.com/search/afe_result ... id=afex&q=" removed from keyword.URL
Prefs.js: "chr-greentree_ff&type=971163" removed from browser.search.param.yahoo-fr
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\daemon-search.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Jan Rucker\AppData\Roaming\Mozilla\Firefox\Profiles\dxetboob.default\searchplugins\qip-search.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3630257376-3087971153-16267649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A6F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9DD4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP31DC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP478A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP61CC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI7DAD.tmp deleted successfully.
C:\Windows\Installer\MSI9C8A.tmp deleted successfully.
C:\Windows\Installer\MSID674.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NSU_agent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Desktop Disc Tool deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\APSDaemon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\facemoods not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\facemoods.com not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630257376-3087971153-16267649-1000UA.job moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jan Rucker
->Temp folder emptied: 12645385 bytes
->Temporary Internet Files folder emptied: 9141847 bytes
->Java cache emptied: 1731842 bytes
->FireFox cache emptied: 98360583 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 2287616 bytes
->Flash cache emptied: 1143 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 534683 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 575759444 bytes

Total Files Cleaned = 668,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Jan Rucker
->Flash cache emptied: 0 bytes

User: LogMeInRemoteUser

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11212011_225202

Files\Folders moved on Reboot...
C:\Users\Jan Rucker\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\gnserv.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\spserv.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...
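
A check a helper could run over the fix log above, added here as an example (it is not part of the original thread and not OTL's own code): it tallies the outcome of every line per log section and lists the lines that still need attention. The outcome phrases are the ones visible in this log; the function, category and variable names are this example's own.

```python
import re
from collections import Counter, defaultdict

# Excerpt of the fix log posted above (lines copied from the post, not the full log).
SAMPLE_LOG = r"""
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\Jan Rucker\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Unable to fix default_search_provider items.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\facemoods.com not found.
C:\Program Files (x86)\Ask.com folder moved successfully.
========== COMMANDS ==========
HOSTS file reset successfully
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\gnserv.dat scheduled to be moved on reboot.
"""

# "========== NAME ==========" banners and the trailing "... on Reboot..." headings.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
REBOOT_RE = re.compile(r"^.+ on Reboot\.\.\.$")

# First matching rule wins, so the more specific phrases come first.
RULES = [
    ("pending_reboot", re.compile(r"scheduled to be moved on reboot", re.I)),
    ("failed", re.compile(r"^Unable to fix|failed", re.I)),
    ("not_found", re.compile(r"not found\.?$", re.I)),
    ("ok", re.compile(r"successfully[.!]?$|removed from ", re.I)),
]

# Outcomes a helper should look at again before closing the thread.
NEEDS_FOLLOW_UP = {"failed", "pending_reboot"}


def triage(log_text):
    """Return (counts per section, list of (section, outcome, line) to re-check)."""
    section = "PREAMBLE"
    counts = defaultdict(Counter)
    follow_up = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = SECTION_RE.match(line)
        if banner:
            section = banner.group(1).upper()
            continue
        if REBOOT_RE.match(line):
            section = "ON REBOOT"
            continue
        for outcome, pattern in RULES:
            if pattern.search(line):
                counts[section][outcome] += 1
                if outcome in NEEDS_FOLLOW_UP:
                    follow_up.append((section, outcome, line))
                break
        # Lines matching no rule (cache sizes, user names) are informational only.
    return counts, follow_up


def report(log_text):
    """Build a short plain-text summary of the triage result."""
    counts, follow_up = triage(log_text)
    lines = []
    for section, tally in counts.items():
        parts = ", ".join(f"{name}={n}" for name, n in sorted(tally.items()))
        lines.append(f"{section}: {parts}")
    for section, outcome, line in follow_up:
        lines.append(f"RE-CHECK [{section}/{outcome}] {line}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

In this log a "not found" line often follows a successful delete or move of the same key or file earlier in the fix, so the example counts those lines but does not flag them.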

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for an RSIT log check

#9 Post by vyosek »

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel (Panel čistič)
  • Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run Cleaner)
Registry panel (Panel registry)
  • click Hledej problémy (Scan for Issues)
  • then Opravit problémy (Fix issues) - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are left - usually about 3 times
Tools panel (Panel nástroje)
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: Let me know how the PC is doing

rycmond
Visitor
Posts: 7
Joined: 20 Sep 2011 10:21

Re: Request for an RSIT log check

#10 Post by rycmond »

Thank you for the help :-) it's better.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for an RSIT log check

#11 Post by vyosek »

You're welcome, glad I could help :worship: Until next time
