drasticke zpomaleni pocitace

Zpráva

3zeeboom · #1 Příspěvek od **3zeeboom** » 18 led 2012 00:13

dobry den, posledni dobou se mi nechutne zpomalil pocitac a procesor je neustale vytizeny.. prosim o kontrolu zda nejde o vir

Logfile of random's system information tool 1.09 (written by random/random)
Run by stepan at 2012-01-18 00:09:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (6%) free of 280 GB
Total RAM: 3886 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:09:56, on 18.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\trend micro\stepan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: pageshotsbho - {28CF50DA-4A17-4442-BBF9-D916BFDE072C} - C:\ProgramData\PageshotsPro\pageshots_x86.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [TouchFreeze] C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-100895179-993598218-3902160186-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-100895179-993598218-3902160186-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12296 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\FSP\FspUip.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5544.c9133f0.2105381054 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.9.0.1 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 5544 "\\.\pipe\gecko-crash-server-pipe.5544" plugin
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe40_ Global\UsGthrCtrlFltPipeMssGthrPipe40 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\stepan\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\stepan\AppData\Roaming\Mozilla\Firefox\Profiles\rx64p3qs.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/"
prefs.js - "extensions.enabledItems" - "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.7&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\stepan\AppData\Roaming\Mozilla\Firefox\Profiles\rx64p3qs.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28CF50DA-4A17-4442-BBF9-D916BFDE072C}]
Pageshots for Internet Explorer PRO - C:\ProgramData\PageshotsPro\pageshots_x64.dll [2010-12-22 227640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28CF50DA-4A17-4442-BBF9-D916BFDE072C}]
Pageshots for Internet Explorer PRO - C:\ProgramData\PageshotsPro\pageshots_x86.dll [2010-12-22 197432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-04-22 19645704]
"fspuip"=C:\Program Files\FSP\fspuip.exe [2009-12-17 3768832]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-08-31 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-08-31 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-08-31 416024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-08-29 3077528]
"TouchFreeze"=C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe [2005-04-29 45056]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-09-29 20880]
"ICQ"=C:\Program Files (x86)\ICQ7.4\ICQ.exe [2011-03-01 119608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-06-18 2486272]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"DivX Download Manager"=C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe start []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-09-29 929680]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-09-29 3508112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-08-31 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-18 00:09:50 ----D---- C:\Program Files\trend micro
2012-01-18 00:09:49 ----D---- C:\rsit
2012-01-11 11:40:28 ----A---- C:\windows\SYSWOW64\quartz.dll
2012-01-11 11:40:28 ----A---- C:\windows\SYSWOW64\qdvd.dll
2012-01-11 11:40:28 ----A---- C:\windows\system32\quartz.dll
2012-01-11 11:40:28 ----A---- C:\windows\system32\qdvd.dll
2012-01-11 11:40:06 ----A---- C:\windows\system32\schannel.dll
2012-01-11 11:40:05 ----A---- C:\windows\SYSWOW64\webio.dll
2012-01-11 11:40:05 ----A---- C:\windows\SYSWOW64\sspicli.dll
2012-01-11 11:40:05 ----A---- C:\windows\SYSWOW64\schannel.dll
2012-01-11 11:40:05 ----A---- C:\windows\SYSWOW64\secur32.dll
2012-01-11 11:40:05 ----A---- C:\windows\system32\webio.dll
2012-01-11 11:40:05 ----A---- C:\windows\system32\sspisrv.dll
2012-01-11 11:40:05 ----A---- C:\windows\system32\sspicli.dll
2012-01-11 11:40:05 ----A---- C:\windows\system32\secur32.dll
2012-01-11 11:40:05 ----A---- C:\windows\system32\lsass.exe
2012-01-11 11:40:05 ----A---- C:\windows\system32\lsasrv.dll
2012-01-11 11:40:05 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-01-11 11:40:05 ----A---- C:\windows\system32\drivers\ksecdd.sys
2012-01-11 11:40:05 ----A---- C:\windows\system32\drivers\cng.sys
2012-01-11 11:39:58 ----A---- C:\windows\SYSWOW64\ntdll.dll
2012-01-11 11:39:58 ----A---- C:\windows\system32\ntdll.dll
2012-01-11 11:39:45 ----A---- C:\windows\SYSWOW64\packager.dll
2012-01-11 11:39:45 ----A---- C:\windows\system32\packager.dll
2012-01-07 11:07:33 ----D---- C:\ProgramData\McAfee
2012-01-07 11:07:32 ----D---- C:\windows\system32\Macromed
2011-12-20 16:15:12 ----HD---- C:\ProgramData\CanonBJ
2011-12-19 15:44:59 ----A---- C:\windows\SYSWOW64\javaws.exe
2011-12-19 15:44:59 ----A---- C:\windows\SYSWOW64\javaw.exe
2011-12-19 15:44:59 ----A---- C:\windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 month======

2012-01-18 00:09:51 ----D---- C:\windows\Temp
2012-01-18 00:09:50 ----RD---- C:\Program Files
2012-01-18 00:08:26 ----D---- C:\ProgramData\PMB Files
2012-01-18 00:04:28 ----D---- C:\Users\stepan\AppData\Roaming\Skype
2012-01-17 19:56:10 ----D---- C:\windows\system32\config
2012-01-17 19:55:35 ----A---- C:\windows\SYSWOW64\log.txt
2012-01-17 14:25:19 ----D---- C:\Users\stepan\AppData\Roaming\ICQ
2012-01-17 10:43:00 ----SHD---- C:\System Volume Information
2012-01-16 19:59:25 ----D---- C:\windows\System32
2012-01-16 19:59:25 ----D---- C:\windows\inf
2012-01-16 19:59:25 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-01-16 14:08:54 ----D---- C:\windows\Microsoft.NET
2012-01-16 11:11:22 ----SHD---- C:\windows\Installer
2012-01-16 11:11:21 ----D---- C:\windows\SysWOW64
2012-01-16 11:11:21 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2012-01-16 11:11:00 ----RSD---- C:\windows\assembly
2012-01-14 10:44:47 ----D---- C:\windows\Prefetch
2012-01-11 16:50:41 ----D---- C:\windows\winsxs
2012-01-11 16:49:31 ----D---- C:\windows\ehome
2012-01-11 16:49:29 ----D---- C:\windows\system32\drivers
2012-01-11 14:38:44 ----A---- C:\windows\system32\MRT.exe
2012-01-11 14:38:31 ----D---- C:\ProgramData\Microsoft Help
2012-01-11 11:39:40 ----D---- C:\windows\system32\catroot
2012-01-11 11:39:39 ----D---- C:\windows\system32\catroot2
2012-01-09 16:38:29 ----A---- C:\windows\SYSWOW64\PnkBstrB.exe
2012-01-09 15:25:08 ----A---- C:\windows\SYSWOW64\PnkBstrA.exe
2012-01-09 11:27:39 ----RD---- C:\Program Files (x86)
2012-01-09 11:27:39 ----HD---- C:\ProgramData
2012-01-05 22:47:19 ----D---- C:\Users\stepan\AppData\Roaming\BitTorrent
2012-01-05 10:38:32 ----D---- C:\windows\system32\Tasks
2012-01-05 10:38:28 ----RD---- C:\Program Files (x86)\Skype
2012-01-05 10:38:28 ----D---- C:\ProgramData\Skype
2012-01-05 10:38:24 ----D---- C:\Program Files (x86)\Common Files
2012-01-05 10:37:57 ----D---- C:\Users\stepan\AppData\Roaming\skypePM
2012-01-03 20:26:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-01-01 05:27:11 ----D---- C:\ProgramData\Skype Extras
2011-12-20 16:15:07 ----D---- C:\windows\system32\spool
2011-12-20 16:15:07 ----D---- C:\windows\system32\DriverStore
2011-12-19 15:44:56 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-04-08 25960]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-12-25 834544]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\windows\system32\DRIVERS\fspad_wlh64.sys [2009-12-17 53248]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-08-31 12306848]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-05-07 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-05-07 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-02-08 855328]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 a28nmsnz;a28nmsnz; C:\windows\system32\drivers\a28nmsnz.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
S3 BTMHID;BTMHID; C:\windows\system32\DRIVERS\btmhid.sys [2010-03-23 34048]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-04-15 3231104]
S3 EUCR;EUCR; C:\windows\system32\DRIVERS\EUCR6SK.SYS [2010-08-09 88912]
S3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64; C:\windows\system32\DRIVERS\fspad_xp64.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2011-09-17 33344]
S3 hipeer20;Remobo Instant Private Network; C:\windows\system32\DRIVERS\remobo64.sys [2010-08-01 30720]
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2011-04-07 1012328]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2012-01-09 75136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-04-15 4170504]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-04-15 1096456]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-06-05 1038088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-05 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 18 led 2012 06:43

Zdravím.

Dej mi minutku, hnedle se na to mrknu.

#3 Příspěvek od **Mc_Murphy** » 18 led 2012 06:51

Aktualizuj MS Internet Explorer na poslední verzi. I když používáš prohlížeč Mozilla Firefox, aktualizace řeší spoustu problémů i v systému samotném.

Odinstaluj Pando Networks - Media Booster.

Program ICQ bych doporučil odebrat ze spouštění při startu systému a spouštět jej v případě potřeby ručně PO náběhu systému - hodně zdržuje.

Potom fixni v HJT níže uvedené položky.

Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
Položky, které v seznamu nenajdeš, prostě přeskoč.
HJT najdeš zde: C:\Program Files\trend micro\stepan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: pageshotsbho - {28CF50DA-4A17-4442-BBF9-D916BFDE072C} - C:\ProgramData\PageshotsPro\pageshots_x86.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-100895179-993598218-3902160186-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-100895179-993598218-3902160186-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

A dáme si preventivní scan s MBAM.

Takže stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

Proveď aktualizaci virové databáze.
V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
Předem nic nemaž!!
MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

3zeeboom · #4 Příspěvek od **3zeeboom** » 18 led 2012 20:29

dobry den.. tady je vypis logu z MBAM

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.0.1800
http://www.malwarebytes.org

Verze databáze: v2012.01.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
stepan :: HOME [administrátor]

Ochrana: Povolena

18.1.2012 16:31:14
mbam-log-2012-01-18 (20-27-44).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 590423
Uplynulý čas: 2 hodin, 3 minut, 30 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKCR\TypeLib\{958EEF1C-FD1A-4CC9-AA50-76395822165F} (Adware.ADON) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{4E5531EE-C8AB-4FFD-81E0-CD345EB71164} (Adware.ADON) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 15
C:\Program Files (x86)\counter (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\dlls (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\models (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\models\player (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\models\player\militia (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\models\player\spetsnaz (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\resource (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\valve (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\valve\cl_dlls (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike_czech (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike_czech\SAVE (Trojan.Agent) -> Žádná instrukce nebyla provedena.

Nalezené soubory: 121
C:\Program Files\trend micro\backups\backup-20120118-112646-367.dll (Adware.ADON) -> Žádná instrukce nebyla provedena.
C:\ProgramData\PageshotsPro\pageshots_x64.dll (Adware.ADON) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\a3dapi.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Core.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Counter Strike 1.6 Non Steam.lnk (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\counter_strike.rar (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\CS.NS.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\css.rar (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\dbg.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Dedicated Server.lnk (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\DemoPlayer.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\desktop.ini (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\FileSystem_Stdio.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\FileSystem_Steam.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\HEAD.JPG (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\hl.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\hlds.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\hlds_steamgames.vdf (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\HLTV-Readme.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\hltv.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\hltv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\hw.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\InstallRecord.blob (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\kver.kp (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\language.inf (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\matrix.bmp (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Mp3dec.asi (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Mss32.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Mssv12.asi (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Mssv29.asi (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\pldecal.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\POMOSI.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Pro ZASMANI.doc (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\proxy.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\readme.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\renegade.JPG (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\smoke.bmp (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Steam.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\steamclient.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\sw.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\swds.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\Thumbs.db (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\tier0_s.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\ts2_client_rc2_2032.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\vgui.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\vgui2.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\voice_miles.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\voice_speex.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\vstdlib_s.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\bot cmd console.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotAllWeapons.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlyGuns.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlyKnives.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlyMG.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlyRifles.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlyShield.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlyShotguns.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlySMG.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\BotOnlySnipers.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\commandmenu.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\dlls\mp.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\models\player\militia\militia.mdl (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\models\player\spetsnaz\spetsnaz.mdl (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\resource\CreateMultiplayerGameBotPage.res (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\resource\CreateMultiplayerGameServerPage.res (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_left.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_left2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_left3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_left_small.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_right.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_right2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_right3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\bottom_right_small.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\horizontal.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\left.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\left2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\left3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\right.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\right2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\right3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_left.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_left2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_left3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_left_small.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_right.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_right2.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_right3.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\top_right_small.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\cstrike\sprites\vertical.spr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cs16b_bots\valve\cl_dlls\GameUI.dll (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\0Soup0_simpsons.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\aim_deagle.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\ajawad.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\as_tundra.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\autobuy.original (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\autobuy.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\bjchristmas.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\bot cmd console.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotAllWeapons.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlyGuns.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlyKnives.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlyMG.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlyRifles.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlyShield.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlyShotguns.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlySMG.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\BotOnlySnipers.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\cached.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\chateau.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\commandmenu.original (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\commandmenu.txt (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\commandmenu.txt.original (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\config.cfg (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\cstraining.wad (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\counter\cstrike\cstrike.ico (Trojan.Agent) -> Žádná instrukce nebyla provedena.

(konec)

#5 Příspěvek od **Mc_Murphy** » 19 led 2012 06:50

Nemáš náhodou Counter-Strike cracknutý?

Ale tohle bude nejspíše falešná detekce. Všechny položky Counter-Strike dej ignorovat (neopravovat).

Opravit/smazat dej pouze tyto položky:
HKCR\TypeLib\{958EEF1C-FD1A-4CC9-AA50-76395822165F} (Adware.ADON) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{4E5531EE-C8AB-4FFD-81E0-CD345EB71164} (Adware.ADON) -> Žádná instrukce nebyla provedena.
C:\Program Files\trend micro\backups\backup-20120118-112646-367.dll (Adware.ADON) -> Žádná instrukce nebyla provedena.
C:\ProgramData\PageshotsPro\pageshots_x64.dll (Adware.ADON) -> Žádná instrukce nebyla provedena.

Až to opravíš, můžeš MBAM zase odinstalovat.

A dáme si ještě scan s OTL.

Takže stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů!!
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

3zeeboom · #6 Příspěvek od **3zeeboom** » 20 led 2012 02:18

takze log z otl.txt
OTL logfile created on: 1/20/2012 11:56:57 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\stepan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.79 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 51.22% Memory free
7.59 Gb Paging File | 5.58 Gb Available in Paging File | 73.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273.39 Gb Total Space | 17.51 Gb Free Space | 6.41% Space Free | Partition Type: NTFS
Drive D: | 182.27 Gb Total Space | 28.38 Gb Free Space | 15.57% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: stepan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/01/19 16:10:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\stepan\Desktop\OTL.exe
PRC - [2012/01/09 15:25:08 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/03 20:25:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/29 15:19:26 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/09/29 15:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/04/08 06:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010/06/18 02:52:14 | 002,486,272 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
PRC - [2010/04/10 00:54:38 | 001,441,544 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/12/09 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/09 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MSIService.exe
PRC - [2005/04/29 15:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe

========== Modules (No Company Name) ==========

MOD - [2012/01/07 11:09:02 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012/01/03 20:25:58 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/03 10:46:40 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e1800cb6b29cfc866adfa9476625936a\System.Runtime.Remoting.ni.dll
MOD - [2012/01/03 10:38:04 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2011/10/13 11:24:56 | 001,218,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\4013a4d303761138606a952901b0f590\System.Management.ni.dll
MOD - [2011/10/13 11:22:11 | 001,781,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\0e06eb1acf979d6dfd95c9ebcf5550bb\System.Xaml.ni.dll
MOD - [2011/10/13 11:18:56 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011/10/13 00:33:16 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/13 00:33:08 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/13 00:32:53 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/13 00:32:47 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/13 00:32:43 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/13 00:32:42 | 007,963,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/13 00:32:30 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/12 18:29:20 | 017,673,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1418a81b6da08d4735b83a60f7525c8b\PresentationFramework.ni.dll
MOD - [2011/10/12 18:29:05 | 000,450,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\63e7af5d85d855a9bd3bf6cc15bf7db5\PresentationFramework.Aero.ni.dll
MOD - [2011/10/12 18:29:01 | 011,106,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\fb7a70d4f5b2df437d456ec82d658fea\PresentationCore.ni.dll
MOD - [2011/10/12 18:28:57 | 013,137,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\52e237bd9dcf62782e477d3caf451210\System.Windows.Forms.ni.dll
MOD - [2011/10/12 18:28:49 | 003,798,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\81046d70594f88758b8b9b698d510fa8\WindowsBase.ni.dll
MOD - [2011/10/12 18:28:46 | 001,652,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9f3d6ed58636f00b008eb84c2fecfffe\System.Drawing.ni.dll
MOD - [2011/10/12 18:28:36 | 007,053,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\d3dab9ff9af3acc625d79329fc143357\System.Core.ni.dll
MOD - [2011/10/12 18:28:33 | 005,618,176 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\1117df4d861920db904cf596d64ca7e7\System.Xml.ni.dll
MOD - [2011/10/12 18:28:27 | 009,085,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\e3914597ed0a6c9bc82824f874ca21be\System.ni.dll
MOD - [2011/10/12 18:28:19 | 014,409,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e5de681ee33ae6535462d070428f4f1b\mscorlib.ni.dll
MOD - [2011/10/08 11:00:11 | 000,115,137 | ---- | M] () -- C:\Users\stepan\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
MOD - [2011/09/29 15:19:26 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/04/08 06:14:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/11/13 03:36:45 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/09/07 17:30:39 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2005/04/29 15:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
MOD - [2005/04/29 15:15:36 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\TouchFreeze\TouchFreeze.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/06/05 13:11:26 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/01/12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/04/22 20:10:30 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2010/04/15 22:09:20 | 004,170,504 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2010/04/15 22:09:08 | 001,096,456 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/09 15:25:08 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/06/05 13:11:22 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/08 06:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/12/15 21:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/12/09 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/12/09 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/17 12:14:55 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011/08/31 18:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/06/02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/06/02 06:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/06/02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/04/08 06:14:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/25 03:15:28 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/12/21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/12/21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/12/21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010/12/21 06:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/09 04:01:58 | 000,088,912 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EUCR6SK.sys -- (EUCR)
DRV:64bit: - [2010/08/01 22:01:04 | 000,030,720 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\remobo64.sys -- (hipeer20)
DRV:64bit: - [2010/05/07 06:04:02 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/05/07 06:04:02 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/04/15 22:09:50 | 003,231,104 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2010/04/10 00:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2010/03/23 02:03:14 | 000,034,048 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhid.sys -- (BTMHID)
DRV:64bit: - [2010/03/04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/08 21:10:02 | 000,855,328 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/12/17 13:07:16 | 000,053,248 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2009/10/05 02:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2007/04/23 15:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/23 15:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007/04/23 15:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007/04/23 15:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007/04/23 15:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-100895179-993598218-3902160186-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.7&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/03 20:26:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/02 02:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/01/18 11:39:21 | 000,000,000 | ---D | M]

[2010/12/10 22:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stepan\AppData\Roaming\Mozilla\Extensions
[2011/01/27 08:21:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stepan\AppData\Roaming\Mozilla\Firefox\Profiles\rx64p3qs.default\extensions
[2012/01/18 23:13:58 | 000,001,056 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\Mozilla\Firefox\Profiles\rx64p3qs.default\searchplugins\icqplugin.xml
[2012/01/03 20:26:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/05 10:38:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/01/03 20:25:59 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/02 00:00:54 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011/10/02 00:00:54 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010/12/03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011/10/02 00:00:54 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011/10/02 00:00:54 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011/10/02 00:00:54 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011/01/09 10:34:52 | 000,001,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2:64bit: - BHO: (Pageshots for Internet Explorer PRO) - {28CF50DA-4A17-4442-BBF9-D916BFDE072C} - C:\ProgramData\PageshotsPro\pageshots_x64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-100895179-993598218-3902160186-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll File not found
O3 - HKU\S-1-5-21-100895179-993598218-3902160186-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll File not found
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKU\S-1-5-21-100895179-993598218-3902160186-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-100895179-993598218-3902160186-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-100895179-993598218-3902160186-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-100895179-993598218-3902160186-1001..\Run: [TouchFreeze] C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.48.65.3 10.97.85.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17E32D10-1707-4AE8-A1CE-CEEEF1966983}: DhcpNameServer = 77.48.65.3 10.97.85.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21A0BD65-5E6B-408D-B3E3-FBF6C798AF3B}: DhcpNameServer = 195.178.72.150
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ef540a9b-0fcf-11e0-8b15-406186b4b3ea}\Shell - "" = AutoRun
O33 - MountPoints2\{ef540a9b-0fcf-11e0-8b15-406186b4b3ea}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.XFR1 - C:\windows\SysWow64\xfcodec.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/01/19 16:10:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\stepan\Desktop\OTL.exe
[2012/01/18 11:49:36 | 000,000,000 | ---D | C] -- C:\Users\stepan\AppData\Roaming\Malwarebytes
[2012/01/18 11:48:36 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/18 11:48:35 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012/01/18 11:48:35 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/01/18 11:48:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/01/18 11:48:35 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012/01/18 11:48:35 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/01/18 11:48:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/01/18 11:48:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/01/18 11:48:35 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/01/18 11:48:35 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012/01/18 11:48:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/01/18 11:48:35 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012/01/18 11:48:35 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/01/18 11:48:35 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012/01/18 11:48:35 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012/01/18 11:48:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/01/18 11:48:35 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012/01/18 11:48:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012/01/18 11:48:35 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012/01/18 11:48:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/01/18 11:48:34 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012/01/18 11:48:34 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012/01/18 11:48:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/01/18 11:48:34 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/01/18 11:48:34 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/01/18 11:48:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/01/18 11:48:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012/01/18 11:48:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012/01/18 11:48:34 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/01/18 11:48:33 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012/01/18 11:48:33 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/01/18 11:48:33 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/01/18 11:48:33 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/01/18 11:48:33 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/01/18 11:48:33 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/01/18 11:48:33 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012/01/18 11:48:33 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012/01/18 11:48:33 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/01/18 11:48:33 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012/01/18 11:48:33 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012/01/18 11:48:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/01/18 11:48:33 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/01/18 11:48:33 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012/01/18 11:48:33 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012/01/18 11:48:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012/01/18 11:48:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/01/18 11:48:33 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012/01/18 11:48:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012/01/18 11:48:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012/01/18 11:48:33 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012/01/18 11:48:33 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012/01/18 11:48:33 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012/01/18 11:48:33 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/01/18 11:48:33 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012/01/18 11:48:33 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012/01/18 11:48:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012/01/18 11:48:33 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/01/18 11:48:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012/01/18 11:48:33 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/01/18 11:48:33 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012/01/18 11:48:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/01/18 11:48:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012/01/18 11:48:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012/01/18 11:48:33 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012/01/18 11:48:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012/01/18 11:48:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012/01/18 11:48:33 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012/01/18 11:48:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012/01/18 11:48:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012/01/18 11:48:33 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/01/18 11:48:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012/01/18 11:48:33 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/01/18 11:45:40 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2012/01/18 11:45:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe
[2012/01/18 11:45:36 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2012/01/18 11:45:36 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2012/01/18 11:45:36 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2012/01/18 11:45:35 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2012/01/18 11:45:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe
[2012/01/18 11:45:30 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xmllite.dll
[2012/01/18 11:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/18 11:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012/01/18 11:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012/01/18 11:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/01/18 00:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/01/18 00:09:49 | 000,000,000 | ---D | C] -- C:\rsit
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/01/20 11:59:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/20 11:56:09 | 000,017,600 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/20 11:56:09 | 000,017,600 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/20 11:47:25 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/20 11:47:20 | 3056,078,848 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/19 16:10:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\stepan\Desktop\OTL.exe
[2012/01/19 09:59:51 | 000,666,656 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2012/01/19 09:59:51 | 000,652,360 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/01/19 09:59:51 | 000,140,320 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2012/01/19 09:59:51 | 000,121,292 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/01/19 09:59:50 | 001,577,410 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/01/18 11:48:36 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/18 11:48:35 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012/01/18 11:48:35 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/01/18 11:48:35 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/01/18 11:48:35 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012/01/18 11:48:35 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/01/18 11:48:35 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/01/18 11:48:35 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/01/18 11:48:35 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/01/18 11:48:35 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012/01/18 11:48:35 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/01/18 11:48:35 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012/01/18 11:48:35 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/01/18 11:48:35 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012/01/18 11:48:35 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012/01/18 11:48:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/01/18 11:48:35 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2012/01/18 11:48:35 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012/01/18 11:48:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012/01/18 11:48:35 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012/01/18 11:48:35 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/01/18 11:48:34 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012/01/18 11:48:34 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012/01/18 11:48:34 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/01/18 11:48:34 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/01/18 11:48:34 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012/01/18 11:48:34 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/01/18 11:48:34 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/01/18 11:48:34 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012/01/18 11:48:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012/01/18 11:48:34 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/01/18 11:48:33 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012/01/18 11:48:33 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/01/18 11:48:33 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/01/18 11:48:33 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/01/18 11:48:33 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/01/18 11:48:33 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/01/18 11:48:33 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012/01/18 11:48:33 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012/01/18 11:48:33 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/01/18 11:48:33 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012/01/18 11:48:33 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012/01/18 11:48:33 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/01/18 11:48:33 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/01/18 11:48:33 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012/01/18 11:48:33 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012/01/18 11:48:33 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012/01/18 11:48:33 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/01/18 11:48:33 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012/01/18 11:48:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012/01/18 11:48:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012/01/18 11:48:33 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012/01/18 11:48:33 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012/01/18 11:48:33 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012/01/18 11:48:33 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/01/18 11:48:33 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012/01/18 11:48:33 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012/01/18 11:48:33 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012/01/18 11:48:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/01/18 11:48:33 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/01/18 11:48:33 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012/01/18 11:48:33 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/01/18 11:48:33 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012/01/18 11:48:33 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012/01/18 11:48:33 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012/01/18 11:48:33 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012/01/18 11:48:33 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2012/01/18 11:48:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012/01/18 11:48:33 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012/01/18 11:48:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012/01/18 11:48:33 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012/01/18 11:48:33 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/01/18 11:48:33 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012/01/18 11:48:33 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/01/17 22:12:53 | 000,007,599 | ---- | M] () -- C:\Users\stepan\AppData\Local\Resmon.ResmonCfg
[2012/01/16 11:11:21 | 001,556,632 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/20 02:24:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/18 11:48:35 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2012/01/18 11:48:33 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2011/10/04 00:16:25 | 000,040,960 | R--- | C] () -- C:\windows\SysWow64\psfind.dll
[2011/09/17 19:33:44 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\Access.dat
[2011/09/17 11:17:05 | 001,556,632 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/09/16 10:54:48 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2011/09/16 10:54:44 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011/09/16 10:54:44 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011/09/16 10:54:44 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011/09/16 10:54:44 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2011/08/31 18:51:16 | 000,867,020 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011/08/31 18:51:16 | 000,128,204 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2011/08/31 18:51:16 | 000,105,608 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2011/08/31 18:26:20 | 013,903,872 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011/08/03 12:18:02 | 000,007,599 | ---- | C] () -- C:\Users\stepan\AppData\Local\Resmon.ResmonCfg
[2011/04/09 14:19:02 | 000,021,840 | ---- | C] () -- C:\windows\SysWow64\SIntfNT.dll
[2011/04/09 14:19:02 | 000,017,212 | ---- | C] () -- C:\windows\SysWow64\SIntf32.dll
[2011/04/09 14:19:02 | 000,012,067 | ---- | C] () -- C:\windows\SysWow64\SIntf16.dll
[2011/04/08 12:32:12 | 000,041,872 | ---- | C] () -- C:\windows\SysWow64\xfcodec.dll
[2011/03/24 20:40:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/22 22:10:17 | 000,000,246 | ---- | C] () -- C:\windows\RomeTW.ini
[2011/02/22 15:20:29 | 000,281,656 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2011/02/22 15:20:28 | 000,075,136 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2011/02/22 15:20:27 | 000,669,184 | ---- | C] () -- C:\windows\SysWow64\pbsvc.exe
[2011/01/17 22:25:20 | 000,000,023 | ---- | C] () -- C:\windows\BlendSettings.ini
[2011/01/07 18:31:24 | 000,000,384 | ---- | C] () -- C:\windows\ODBC.INI
[2010/12/25 17:59:43 | 000,000,331 | ---- | C] () -- C:\windows\game.ini
[2010/09/07 18:21:15 | 000,361,808 | ---- | C] () -- C:\windows\EMCRI_E.dll
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2008/10/28 16:40:48 | 000,173,552 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[1999/01/22 21:46:58 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\MSRTEDIT.DLL

========== LOP Check ==========

[2011/07/09 12:01:39 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\.minecraft
[2012/01/05 22:47:19 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\BitTorrent
[2011/12/10 16:44:40 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\BSplayer
[2011/01/10 21:38:12 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\BSplayer Pro
[2011/02/06 11:50:22 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\DAEMON Tools Lite
[2011/12/13 13:59:19 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\FreeCommander
[2011/11/19 19:22:19 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\GameRanger
[2011/07/25 17:48:35 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\GHISLER
[2011/01/22 18:23:30 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Helios
[2012/01/18 11:17:12 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\ICQ
[2011/01/22 15:17:01 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Local
[2011/10/04 14:09:40 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\LolClient
[2011/11/22 14:24:00 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011/10/08 10:46:05 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\MyPhoneExplorer
[2011/10/01 15:22:14 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Opera
[2011/10/08 10:56:17 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Samsung
[2011/09/18 01:26:45 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Tunngle
[2011/01/09 10:34:14 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Ubisoft
[2011/08/04 14:09:13 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\wargaming.net
[2012/01/18 11:54:38 | 000,032,636 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< netsvc >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010/09/07 17:54:27 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2010/09/07 18:02:47 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/09/07 17:54:27 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/09/07 17:55:57 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2010/09/07 18:02:47 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/09/07 17:55:57 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/09/07 18:02:47 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/09/07 17:55:57 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/09/07 18:02:47 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/09/07 17:54:27 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2010/09/07 17:55:57 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/09/07 17:54:27 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\windows\SysNative\drivers\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/09/07 18:02:47 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/09/07 18:02:47 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%*.* /U /s >
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[49 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/07/09 12:01:39 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\.minecraft
[2011/11/22 14:23:10 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Adobe
[2010/12/10 22:08:04 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\ArcSoft
[2012/01/05 22:47:19 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\BitTorrent
[2011/12/10 16:44:40 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\BSplayer
[2011/01/10 21:38:12 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\BSplayer Pro
[2011/02/06 11:50:22 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\DAEMON Tools Lite
[2011/08/30 16:29:11 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\DivX
[2011/12/13 13:59:19 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\FreeCommander
[2011/11/19 19:22:19 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\GameRanger
[2011/07/25 17:48:35 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\GHISLER
[2011/09/17 19:20:46 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Hamachi
[2011/01/22 18:23:30 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Helios
[2012/01/18 11:17:12 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\ICQ
[2010/12/10 21:59:24 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Identities
[2011/09/24 18:28:42 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\InstallShield
[2010/12/10 21:59:59 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Intel Corporation
[2011/01/22 15:17:01 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Local
[2011/10/04 14:09:40 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\LolClient
[2010/12/25 03:05:32 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Macromedia
[2012/01/18 11:49:36 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Malwarebytes
[2010/09/07 17:22:41 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Media Center Programs
[2011/11/02 13:14:07 | 000,000,000 | --SD | M] -- C:\Users\stepan\AppData\Roaming\Microsoft
[2011/01/07 18:27:36 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Microsoft Web Folders
[2010/12/10 22:52:08 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Mozilla
[2011/11/22 14:24:00 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011/10/08 10:46:05 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\MyPhoneExplorer
[2011/06/17 22:06:05 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\NVIDIA
[2011/10/01 15:22:14 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Opera
[2011/07/16 21:21:47 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Real
[2011/10/08 10:56:17 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Samsung
[2011/02/22 15:21:11 | 000,000,000 | RH-D | M] -- C:\Users\stepan\AppData\Roaming\SecuROM
[2012/01/19 15:35:12 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Skype
[2012/01/05 10:37:57 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\skypePM
[2011/01/28 14:46:59 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\teamspeak2
[2011/09/18 01:26:45 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Tunngle
[2011/01/09 10:34:14 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Ubisoft
[2011/06/03 11:00:01 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Ventrilo
[2011/10/23 22:47:59 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\vlc
[2011/08/04 14:09:13 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\wargaming.net
[2011/04/29 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\stepan\AppData\Roaming\Xfire

#7 Příspěvek od **Mc_Murphy** » 20 led 2012 08:52

OK, počkám si.

3zeeboom · #8 Příspěvek od **3zeeboom** » 20 led 2012 12:51

< %APPDATA%\*.exe /s >
[2009/08/11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010/02/23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011/06/03 10:57:02 | 000,005,120 | R--- | M] () -- C:\Users\stepan\AppData\Roaming\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
[2012/01/16 11:02:55 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\stepan\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x64.exe
[2011/09/29 15:19:30 | 000,364,432 | ---- | M] (ml) -- C:\Users\stepan\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012/01/04 07:07:42 | 000,371,088 | ---- | M] (ml) -- C:\Users\stepan\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/01/18 11:48:34 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\admparse.dll
[2012/01/18 11:48:35 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\dxtmsft.dll
[2012/01/18 11:48:35 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\dxtrans.dll
[2012/01/18 11:48:35 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\html.iec
[2012/01/18 11:48:34 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\icardie.dll
[2012/01/18 11:48:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ie4uinit.exe
[2012/01/18 11:48:35 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\IEAdvpack.dll
[2012/01/18 11:48:35 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieakeng.dll
[2012/01/18 11:48:33 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieaksie.dll
[2012/01/18 11:48:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieakui.dll
[2012/01/18 11:48:35 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieapfltr.dat
[2012/01/18 11:48:35 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieapfltr.dll
[2012/01/18 11:48:35 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iedkcs32.dll
[2012/01/18 11:48:35 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieframe.dll
[2012/01/18 11:48:35 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iepeers.dll
[2012/01/18 11:48:35 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iernonce.dll
[2012/01/18 11:48:35 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iertutil.dll
[2012/01/18 11:48:35 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iesetup.dll
[2012/01/18 11:48:35 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iesysprep.dll
[2012/01/18 11:48:35 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieui.dll
[2012/01/18 11:48:35 | 000,072,822 | ---- | M] () -- C:\windows\system32\ieuinit.inf
[2012/01/18 11:48:34 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieUnatt.exe
[2012/01/18 11:48:34 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iexpress.exe
[2012/01/18 11:48:33 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\imgutil.dll
[2012/01/18 11:48:35 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\inetcpl.cpl
[2012/01/18 11:48:34 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\inseng.dll
[2012/01/18 11:48:35 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jscript.dll
[2012/01/18 11:48:35 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jscript9.dll
[2012/01/18 11:48:36 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jsproxy.dll
[2012/01/18 11:48:34 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\licmgr10.dll
[2012/01/20 11:47:33 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2012/01/18 11:48:34 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msfeeds.dll
[2012/01/18 11:48:35 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msfeedsbs.dll
[2012/01/18 11:48:35 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msfeedssync.exe
[2012/01/18 11:48:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshta.exe
[2012/01/18 11:48:34 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtml.dll
[2012/01/18 11:48:34 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtml.tlb
[2012/01/18 11:48:34 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtmled.dll
[2012/01/18 11:48:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtmler.dll
[2012/01/18 11:48:36 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msls31.dll
[2012/01/18 11:48:35 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msrating.dll
[2012/01/18 11:48:34 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\occache.dll
[2012/01/18 11:48:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\pngfilt.dll
[2012/01/18 11:48:36 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\RegisterIEPKEYs.exe
[2012/01/18 11:48:35 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\SetIEInstalledDate.exe
[2012/01/18 11:48:35 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\tdc.ocx
[2012/01/18 11:48:35 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\url.dll
[2012/01/18 11:48:36 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\urlmon.dll
[2012/01/18 11:48:34 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\vbscript.dll
[2012/01/18 11:48:34 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\webcheck.dll
[2012/01/18 11:48:34 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\wextract.exe
[2012/01/18 11:48:36 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\wininet.dll

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2011/08/31 22:57:33 | 000,000,963 | ---- | M] () -- C:\Users\stepan\Desktop\Blitzkrieg.lnk
[2011/08/29 21:21:07 | 000,002,085 | ---- | M] () -- C:\Users\stepan\Desktop\Borderlands – zástupce.lnk
[2011/03/03 22:41:45 | 000,001,416 | ---- | M] () -- C:\Users\stepan\Desktop\BT2DC switcher.lnk
[2011/03/11 16:12:23 | 000,001,679 | ---- | M] () -- C:\Users\stepan\Desktop\CivilizationV.lnk
[2011/10/13 09:57:49 | 000,001,429 | ---- | M] () -- C:\Users\stepan\Desktop\Dead Island.lnk
[2011/07/14 23:26:50 | 000,000,282 | -HS- | M] () -- C:\Users\stepan\Desktop\desktop.ini
[2011/12/13 13:59:20 | 000,001,077 | ---- | M] () -- C:\Users\stepan\Desktop\FreeCommander.lnk
[2011/01/03 18:56:05 | 000,001,431 | ---- | M] () -- C:\Users\stepan\Desktop\Frozen Throne.lnk
[2011/10/10 18:41:44 | 000,001,316 | ---- | M] () -- C:\Users\stepan\Desktop\Knight of the Old Republic.lnk
[2012/01/19 16:10:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\stepan\Desktop\OTL.exe
[2011/03/22 22:10:19 | 000,001,809 | ---- | M] () -- C:\Users\stepan\Desktop\Rome - Total War.lnk
[2011/02/18 15:16:49 | 000,002,085 | ---- | M] () -- C:\Users\stepan\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk
[2011/02/18 15:12:31 | 000,001,993 | ---- | M] () -- C:\Users\stepan\Desktop\SWAT 4.lnk
[2011/01/28 14:46:47 | 000,000,988 | ---- | M] () -- C:\Users\stepan\Desktop\Teamspeak 2 RC2.lnk
[2011/12/14 22:33:46 | 000,001,103 | ---- | M] () -- C:\Users\stepan\Desktop\The Elder Scrolls V Skyrim.lnk
[2011/01/09 10:42:35 | 000,001,043 | ---- | M] () -- C:\Users\stepan\Desktop\Total Commander.lnk
[2011/06/15 09:32:02 | 000,001,902 | ---- | M] () -- C:\Users\stepan\Desktop\Warhammer Dawn of War II.lnk
[2011/05/16 14:15:26 | 000,001,386 | ---- | M] () -- C:\Users\stepan\Desktop\World of Warcraft.lnk
[2011/11/16 20:42:51 | 000,000,815 | ---- | M] () -- C:\Users\stepan\Desktop\X3.lnk

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2011/10/10 18:10:42 | 000,012,589 | ---- | M] () -- \Users\stepan\AppData\Roaming\BitTorrent\SWKotOR + crack.ZIP.torrent
[2010/12/09 20:44:42 | 009,406,530 | ---- | M] () -- \Users\stepan\Music\LA4 - Gizmo\04-LA4 - Neco jako klid_Crack (feat. James Cole).mp3
[2006/06/16 01:33:46 | 000,067,756 | ---- | M] () -- \Users\stepan\Saved Games\counter\cstrike\sound\misc\cracker1.wav
[2008/06/27 14:23:03 | 000,048,478 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\ep2\sound\npc\antlion_guard\antlion_guard_shellcrack1.wav
[2008/06/27 14:23:03 | 000,051,070 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\ep2\sound\npc\antlion_guard\antlion_guard_shellcrack2.wav
[2008/06/27 14:39:51 | 000,000,574 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2008/06/27 14:39:51 | 000,022,064 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2007/02/20 15:36:56 | 000,000,574 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2007/02/20 15:36:56 | 000,022,064 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2006/01/26 12:14:04 | 000,174,861 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m02_sec_03_PC\m02_s3_PC_floorcrack.rsb
[2006/01/26 12:14:04 | 000,349,613 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m02_sec_03_PC\m02_s3_PC_floorcracked.rsb
[2006/01/26 12:15:52 | 001,398,189 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m07_sec_01_pc\m07_decal_cracks.rsb
[2006/01/26 12:15:54 | 001,398,189 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m07_sec_01_pc\m07_s1_concrete_crack_02.rsb
[2006/01/26 12:16:34 | 000,349,613 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m08_sec_02_PC\m08_s2_PC_floorcrackdecal1.rsb
[2006/01/26 12:17:50 | 000,011,077 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m10_sec_02_pc\M10_S1_crackedgrnd.rsb
[2006/01/26 12:18:04 | 000,087,405 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m11_sec_01_pc\m11_pc_edgecrack.rsb
[2006/01/26 12:18:26 | 000,087,525 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m11_sec_02_pc\m11_pc_crackg.rsb
[2006/01/26 12:18:26 | 000,087,405 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m11_sec_02_pc\m11_pc_edgecrack.rsb
[2006/01/26 12:18:36 | 000,349,613 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m12_sec_01_pc\M12_s1_PC_ceilingcrack01.rsb
[2006/01/26 12:18:50 | 000,349,613 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\map\m12_sec_03_pc\m12_s3_PC_conwallcracked.rsb
[2006/01/26 12:25:24 | 000,032,933 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\textures\cracked_glass.rsb
[2006/01/26 12:25:46 | 000,349,613 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\textures\object\obj_d_crack01.rsb
[2006/01/26 12:25:46 | 001,398,189 | R--- | M] () -- \Users\stepan\Saved Games\Rainbow Six Lockdown\data\textures\object\obj_d_crack02_faint.rsb

< *keygen* /s >

< *loader* /s >
[2009/09/14 22:48:10 | 000,070,936 | ---- | M] () -- \Program Files (x86)\2K Games\Gearbox Software\Borderlands\Binaries\PhysXLocal\PhysXLoader.dll
[2009/09/22 12:17:26 | 000,030,315 | ---- | M] () -- \Program Files (x86)\2K Games\Gearbox Software\Borderlands\WillowGame\CookedPC\Maps\Loader.umap
[2011/05/14 23:24:29 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/01/26 16:20:28 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011/01/26 16:20:28 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011/01/26 16:20:28 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011/04/11 13:03:56 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011/01/26 16:21:02 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011/01/26 16:21:02 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009/05/31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 02:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011/09/21 16:40:56 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011/09/29 15:19:24 | 000,131,984 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2005/06/07 19:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR 3.61 Multi\RarExtLoader.exe
[2011/05/16 14:16:03 | 000,002,931 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6L66S6WC\preloader[1].swf
[2012/01/19 21:20:52 | 000,005,505 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6VQLRI3H\queryLoader[2].js
[2011/05/15 17:41:17 | 000,003,208 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8CHCAB82\ajax-loader[1].gif
[2011/01/27 08:22:07 | 000,002,931 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8CHCAB82\preloader[1].swf
[2012/01/19 21:20:51 | 000,000,353 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J17W0HGJ\queryLoader[1].css
[2011/01/27 08:22:06 | 000,001,891 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXS0FVD8\preloader[1].js
[2011/10/01 15:21:21 | 000,000,905 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3ODWA8GW\TooltipLoader[1].css
[2011/10/01 15:21:21 | 000,014,290 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3ODWA8GW\TooltipLoader[1].js
[2011/05/05 16:29:49 | 000,003,208 | ---- | M] () -- \Users\stepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WDKQ2MED\ajax-loader[1].gif
[2011/03/02 15:33:07 | 000,002,931 | ---- | M] () -- \Users\stepan\AppData\Local\Temp\Temporary Internet Files\Content.IE5\2SKRN003\preloader[1].swf
[2011/03/02 15:33:06 | 000,001,891 | ---- | M] () -- \Users\stepan\AppData\Local\Temp\Temporary Internet Files\Content.IE5\EK8PV9VA\preloader[1].js
[2011/04/11 13:03:56 | 000,000,402 | ---- | M] () -- \Users\stepan\AppData\Local\Temp\Temporary Internet Files\Content.IE5\JLUNOPR4\preloader[1].htm
[2011/04/20 17:58:28 | 000,000,054 | ---- | M] () -- \Users\stepan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZFEJ7C32\media.mtvnservices.com\player\loader\loaderLogging.sol
[2003/09/26 08:15:26 | 000,169,384 | ---- | M] () -- \Users\stepan\Saved Games\counter\cstrike\models\qloader.mdl
[2003/09/15 13:55:50 | 000,352,548 | ---- | M] () -- \Users\stepan\Saved Games\counter\valve\models\loader.mdl
[2003/09/15 13:56:04 | 000,012,764 | ---- | M] () -- \Users\stepan\Saved Games\counter\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 13:56:04 | 000,012,164 | ---- | M] () -- \Users\stepan\Saved Games\counter\valve\sound\ambience\loader_step1.wav
[2006/05/04 17:16:50 | 000,333,840 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\hideout\Loader_Sequence.WAV
[2006/05/04 17:16:50 | 000,005,952 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\hideout\Loader_Sequence.WHD
[2006/05/04 17:16:50 | 000,351,949 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\hideout\Loader_Sequence.ZIP
[2006/05/04 17:17:20 | 000,313,360 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M00\Loader_Sequence.WAV
[2006/05/04 17:17:20 | 000,005,392 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M00\Loader_Sequence.WHD
[2006/05/04 17:17:20 | 000,570,691 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M00\Loader_Sequence.ZIP
[2006/05/04 17:18:02 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M01\Loader_Sequence.WAV
[2006/05/04 17:18:02 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M01\Loader_Sequence.WHD
[2006/05/04 17:18:02 | 000,711,223 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M01\Loader_Sequence.ZIP
[2006/05/04 17:18:52 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M02\Loader_Sequence.WAV
[2006/05/04 17:18:52 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M02\Loader_Sequence.WHD
[2006/05/04 17:18:52 | 000,634,201 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M02\Loader_Sequence.ZIP
[2006/05/04 17:19:46 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M03\Loader_Sequence.WAV
[2006/05/04 17:19:46 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M03\Loader_Sequence.WHD
[2006/05/04 17:19:46 | 000,707,294 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M03\Loader_Sequence.ZIP
[2006/05/04 17:20:20 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M04\Loader_Sequence.WAV
[2006/05/04 17:20:20 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M04\Loader_Sequence.WHD
[2006/05/04 17:20:20 | 000,531,761 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M04\Loader_Sequence.ZIP
[2006/05/04 17:21:00 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M05\Loader_Sequence.WAV
[2006/05/04 17:21:00 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M05\Loader_Sequence.WHD
[2006/05/04 17:21:00 | 000,591,946 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M05\Loader_Sequence.ZIP
[2006/05/04 17:21:50 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M06\Loader_Sequence.WAV
[2006/05/04 17:21:50 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M06\Loader_Sequence.WHD
[2006/05/04 17:21:50 | 000,617,459 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M06\Loader_Sequence.ZIP
[2006/05/04 17:22:26 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M08\Loader_Sequence.WAV
[2006/05/04 17:22:26 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M08\Loader_Sequence.WHD
[2006/05/04 17:22:28 | 000,440,664 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M08\Loader_Sequence.ZIP
[2006/05/04 17:23:14 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M09\Loader_Sequence.WAV
[2006/05/04 17:23:14 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M09\Loader_Sequence.WHD
[2006/05/04 17:23:14 | 000,550,700 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M09\Loader_Sequence.ZIP
[2006/05/04 17:24:14 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M10\Loader_Sequence.WAV
[2006/05/04 17:24:14 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M10\Loader_Sequence.WHD
[2006/05/04 17:24:14 | 000,650,200 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M10\Loader_Sequence.ZIP
[2006/05/04 17:24:58 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M11\Loader_Sequence.WAV
[2006/05/04 17:24:58 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M11\Loader_Sequence.WHD
[2006/05/04 17:24:58 | 000,596,635 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M11\Loader_Sequence.ZIP
[2006/05/04 17:25:40 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M12\Loader_Sequence.WAV
[2006/05/04 17:25:40 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M12\Loader_Sequence.WHD
[2006/05/04 17:25:40 | 000,668,734 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M12\Loader_Sequence.ZIP
[2006/05/04 17:26:20 | 000,320,528 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M13\Loader_Sequence.WAV
[2006/05/04 17:26:20 | 000,005,616 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M13\Loader_Sequence.WHD
[2006/05/04 17:26:20 | 000,632,940 | ---- | M] () -- \Users\stepan\Saved Games\Deathglance\Scenes\M13\Loader_Sequence.ZIP
[2008/06/27 14:36:39 | 000,000,179 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loaderCHROME.vmt
[2008/06/27 14:36:39 | 000,002,936 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loaderCHROME.vtf
[2008/06/27 14:36:38 | 000,000,073 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_base.vmt
[2008/06/27 14:36:39 | 000,011,128 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_base.vtf
[2008/06/27 14:36:39 | 000,000,080 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_base_panels.vmt
[2008/06/27 14:36:39 | 000,002,936 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_base_panels.vtf
[2008/06/27 14:36:39 | 000,000,079 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_base_sides.vmt
[2008/06/27 14:36:39 | 000,002,936 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_base_sides.vtf
[2008/06/27 14:36:39 | 000,000,079 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_body_hatch.vmt
[2008/06/27 14:36:39 | 000,011,128 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_body_hatch.vtf
[2008/06/27 14:36:39 | 000,000,078 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_body_side.vmt
[2008/06/27 14:36:39 | 000,011,128 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_body_side.vtf
[2008/06/27 14:36:39 | 000,000,184 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_darkCHROME.vmt
[2008/06/27 14:36:39 | 000,002,936 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_darkCHROME.vtf
[2008/06/27 14:36:39 | 000,000,073 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_head.vmt
[2008/06/27 14:36:39 | 000,002,936 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_head.vtf
[2008/06/27 14:36:39 | 000,000,078 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_leg_hydro.vmt
[2008/06/27 14:36:39 | 000,001,512 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_leg_hydro.vtf
[2008/06/27 14:36:39 | 000,000,082 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vmt
[2008/06/27 14:36:39 | 000,000,888 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vtf
[2008/06/27 14:36:39 | 000,000,078 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_leg_side1.vmt
[2008/06/27 14:36:39 | 000,011,048 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_leg_side1.vtf
[2008/06/27 14:36:39 | 000,000,186 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_steelchrome1.vmt
[2008/06/27 14:36:39 | 000,002,936 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\hl2\materials\PerfTest\loader\loader_steelchrome1.vtf
[2003/11/04 11:58:04 | 000,921,656 | ---- | M] () -- \Users\stepan\Saved Games\KotOR 1\launcher\swloader.bmp
[2010/09/07 16:50:54 | 000,002,001 | ---- | M] () -- \Users\stepan\Saved Games\League of Legend\League of Legends\rads\projects\lol_air_client\releases\0.0.0.121\deploy\assets\images\SpinLoader.png
[2010/11/02 11:36:12 | 000,000,404 | ---- | M] () -- \Users\stepan\Saved Games\League of Legend\League of Legends\rads\projects\lol_air_client\releases\0.0.0.121\deploy\assets\storeImages\layout\small_loader.gif
[2006/10/14 01:51:42 | 000,106,496 | ---- | M] () -- \Users\stepan\Saved Games\Rainbow six vegas\Binaries\PhysXLoader.dll
[2009/02/08 12:14:14 | 000,032,768 | ---- | M] () -- \Users\stepan\Saved Games\Warhammer Dawn of War 2\Loader.exe
[2011/05/15 13:14:52 | 002,172,400 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\BackgroundDownloader.exe
[2011/05/15 13:15:41 | 000,003,026 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2011/05/15 13:15:42 | 000,004,261 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2009/05/03 01:59:48 | 000,001,080 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\AcherusLoader\AcherusLoader.lua
[2009/05/03 01:59:48 | 000,000,826 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\AcherusLoader\AcherusLoader.toc
[2010/02/06 09:57:22 | 000,002,932 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\Afflicted\libs\AceGUI-3.0-Spell-EditBox\SpellLoader.lua
[2010/01/01 22:16:08 | 000,003,017 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\SpellAlerter\Libs\AceGUI-3.0-Spell-EditBox\SpellLoader.lua
[2011/01/15 13:02:03 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012/01/20 11:56:32 | 000,064,830 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-04169B25.pf
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:23:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2010/09/07 17:31:08 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/09/07 17:31:08 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010/09/07 17:31:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010/09/07 17:31:08 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010/09/07 17:31:08 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/07/14 11:10:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/07/14 11:10:57 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/07/14 11:10:58 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/07/14 11:10:58 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/07/14 11:10:58 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010/09/07 17:28:15 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 06:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2011/08/30 16:58:34 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011/10/12 18:34:29 | 001,186,816 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/11/05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/11/05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/01/22 17:10:04 | 000,000,000 | ---- | M] () -- \Users\stepan\AppData\LocalLow\boost_interprocess\DDM0serviceCmdSerializeLock
[2011/01/08 19:59:59 | 000,000,369 | ---- | M] () -- \Users\stepan\AppData\Roaming\Microsoft\Windows\Cookies\Low\stepan@serialy.kinotip[1].txt
[2008/12/13 20:31:14 | 000,499,712 | ---- | M] () -- \Users\stepan\Documents\Rawr v2.1.4\Rawr.Base.XmlSerializers.dll
[2008/12/13 20:31:14 | 000,499,712 | ---- | M] () -- \Users\stepan\Documents\Rawr v2.1.4\Data\Rawr.Base.XmlSerializers.dll
[2006/06/01 10:23:04 | 000,200,704 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode One\bin\dmserializers.dll
[2008/06/27 14:32:32 | 000,712,704 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2 Episode Two\half-life 2 episode two\bin\dmserializers.dll
[2007/02/20 15:49:18 | 000,200,704 | ---- | M] () -- \Users\stepan\Saved Games\HalfLife2\Half Life 2\bin\dmserializers.dll
[2010/02/16 13:41:06 | 000,009,066 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/02/16 13:41:06 | 000,000,219 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/12/25 12:06:30 | 000,008,824 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2009/12/25 12:06:30 | 000,000,219 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/12/09 22:29:04 | 000,008,824 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\Talented\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2009/12/09 22:29:04 | 000,000,219 | ---- | M] () -- \Users\stepan\Saved Games\World of Warcraft\Interface\AddOns\Talented\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010/09/07 17:30:38 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/09/07 17:30:49 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/13 00:33:17 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/13 11:19:40 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2011/10/13 10:20:12 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\1377c29b871c7eb768769b5f4bdbb15d\System.Runtime.Serialization.ni.dll
[2011/10/13 00:37:21 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/04/16 14:20:27 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6C3E.tmp\System.Runtime.Serialization.dll
[2011/10/13 11:22:43 | 002,637,312 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\32c0d8ec285dd7764f74ee4578fdfd53\System.Runtime.Serialization.ni.dll
[2011/10/13 11:22:25 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6b006c60270cd9fcd3ae3820ab8a98e9\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/14 11:16:08 | 000,376,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a48562a6c7603264cd5244df5928160b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/14 11:14:41 | 003,404,288 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\d0a4e36f78a4030166b42b7ab1a4aaf3\System.Runtime.Serialization.ni.dll
[2012/01/16 11:10:31 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/01/16 11:07:09 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/01/16 11:10:31 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012/01/16 11:07:07 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010/06/15 01:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 01:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010/06/15 01:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 01:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010/09/07 17:30:27 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010/09/07 17:30:27 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010/09/07 17:30:36 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/09/07 17:30:39 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010/09/07 17:30:49 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010/11/05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010/09/07 17:30:41 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009/06/10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009/06/10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011/07/14 11:10:29 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/07/14 11:10:29 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010/09/07 17:31:10 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010/09/07 17:31:05 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011/02/05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009/07/14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010/11/20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009/07/14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010/11/20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2010/09/07 17:29:30 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/09/07 17:30:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010/09/07 17:30:49 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010/09/07 17:30:39 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/09/07 17:30:27 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/09/07 17:30:49 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010/11/05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"IAStorIcon" = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -- [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation)
"MGSysCtrl" = C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe -- [2010/06/18 02:52:14 | 002,486,272 | ---- | M] (Micro-Star International Co., Ltd.)
"GrooveMonitor" = "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" -- [2008/10/25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation)
"KiesHelper" = C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s -- [2011/09/29 15:19:14 | 000,929,680 | ---- | M] (Samsung)
"KiesTrayAgent" = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe -- [2011/09/29 15:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange" = 1
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed" = 1
"" =

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"TouchFreeze" = C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe -- [2005/04/29 15:15:40 | 000,045,056 | ---- | M] ()
"KiesPDLR" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2011/09/29 15:19:26 | 000,020,880 | ---- | M] ()

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
"IAStorIcon" = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -- [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation)
"MGSysCtrl" = C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe -- [2010/06/18 02:52:14 | 002,486,272 | ---- | M] (Micro-Star International Co., Ltd.)
"GrooveMonitor" = "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" -- [2008/10/25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation)
"KiesHelper" = C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s -- [2011/09/29 15:19:14 | 000,929,680 | ---- | M] (Samsung)
"KiesTrayAgent" = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe -- [2011/09/29 15:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange" = 1
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed" = 1
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/01/20 11:59:25 | 000,000,512 | ---- | M] () MD5=73036D0915324DBF743029F1632CB2CD -- C:\PhysicalMBR.bin

========== Files - Unicode (All) ==========
[2011/11/17 01:19:56 | 000,000,651 | ---- | M] ()(C:\Users\stepan\AppData\Local\PMB Fik?s) -- C:\Users\stepan\AppData\Local\PMB Fik聥s
[2011/11/17 01:19:56 | 000,000,651 | ---- | C] ()(C:\Users\stepan\AppData\Local\PMB Fik?s) -- C:\Users\stepan\AppData\Local\PMB Fik聥s

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:63238B95

< End of report >

3zeeboom · #9 Příspěvek od **3zeeboom** » 20 led 2012 13:31

soubor extras.txt se nevytvoril ani po opakovanem scanu.. tak nevim

pri prvnim scanu vytvoreny byl ale to jsem si az pozdeji uvedomil ze sem nevlozil text do pole "vlastni scanovani a upravy".. no prikladam zde extras.txt ktery vznikl pri 1. pokusu a doufam ze to staci

OTL Extras logfile created on: 1/20/2012 2:03:20 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\stepan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.79 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 69.00% Memory free
7.59 Gb Paging File | 6.06 Gb Available in Paging File | 79.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273.39 Gb Total Space | 18.05 Gb Free Space | 6.60% Space Free | Partition Type: NTFS
Drive D: | 182.27 Gb Total Space | 28.38 Gb Free Space | 15.57% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: stepan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-100895179-993598218-3902160186-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6448F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) SE Runtime Environment 6 Update 7
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8426FCB8FBFE7DD936977F568A58E018229E5BC1" = ENE USB Card Reader Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Motorola Bluetooth_is1" = Motorola Bluetooth

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24762012-C6C8-4AAD-A02D-71A009FA1683}" = Adobe Flash Player 10 ActiveX
"{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars®: Knights of the Old Republic (TM)
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{30BA90A9-E6B4-4FFC-8BC5-B7F2E014F432}" = Hitman Blood Money
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{5157A26D-28AF-4E96-99EE-25D510437653}_is1" = SpaceChem
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{5731C0A8-B266-451A-8D3F-8066AA21836F}" = Tom Clancy's Rainbow Six Vegas
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}" = Rome Total War - patch 1.3
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A840FFFB-3A80-4C24-AB34-BE9F56BEB4CE}" = msi Software Install
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{D031E017-2434-40A7-A352-4DDD0199170D}" = TouchFreeze
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.21beta
"Battletest2 DC v2.6" = Battletest2 DC v2.6
"BitTorrent" = BitTorrent
"Blitzkrieg" = Blitzkrieg
"BSPlayerf" = BS.Player FREE
"Dragon Age - Stahovatelný obsah" = Dragon Age - Stahovatelný obsah
"Drakensang_TRoT_is1" = Drakensang - The River of Time
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FreeCommander_is1" = FreeCommander 2009.02b
"Galactic Civilizations II - Ultimate Edition" = Galactic Civilizations II - Ultimate Edition
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = SWAT 4 - The Stetchkov Syndicate
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIA.Updatus" = NVIDIA Updatus
"Opera 11.52.1100" = Opera 11.52
"PageshotsPro_is1" = PageshotsPro 1.0.0
"Perimeter_is1" = Perimeter
"Postal 2_is1" = Portal 2
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Recover My Files_is1" = Recover My Files
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"X3: Reunion_is1" = X3: Reunion 1.4.02
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-100895179-993598218-3902160186-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GaCiv 2-Dread Lords CZ + Dark Avatar v1.8g CZ" = GaCiv 2-Dread Lords CZ + Dark Avatar v1.8g CZ

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/6/2012 8:16:25 AM | Computer Name = home | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\program files (x86)\microsoft\search
enhancement pack\search helper\searchhelper.dll se nezdařilo. Chyba v souboru manifestu
nebo zásady c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll
na řádku 2. Neplatná syntaxe XML.

Error - 1/7/2012 6:54:44 AM | Computer Name = home | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TESV.exe, verze: 1.1.21.0, časové razítko:
0x4ea9b052 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x242049aa ID chybujícího procesu: 0xa4c Čas spuštění
chybující aplikace: 0x01cccd263eb201dd Cesta k chybující aplikaci: C:\Users\stepan\Saved
Games\The Elder Scrolls V Skyrim\TESV.exe Cesta k chybujícímu modulu: unknown ID
zprávy: 0179a41e-391e-11e1-af3c-406186b4b3ea

Error - 1/7/2012 8:57:35 AM | Computer Name = home | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2.
V
manifestu není povoleno více prvků requestedPrivileges.

Error - 1/7/2012 8:59:47 AM | Computer Name = home | Source = SideBySide | ID = 16842787
Description = Generování kontextu aktivace pro c:\program files (x86)\windows live\photo
gallery\MovieMaker.Exe se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL na řádku 8. Identita komponenty
nalezená v manifestu nesouhlasí s identitou požadované komponenty. Odkaz je WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definice
je WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Podrobnější
diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 1/7/2012 9:00:29 AM | Computer Name = home | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\program files (x86)\microsoft\search
enhancement pack\search helper\searchhelper.dll se nezdařilo. Chyba v souboru manifestu
nebo zásady c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll
na řádku 2. Neplatná syntaxe XML.

Error - 1/8/2012 7:21:10 PM | Computer Name = home | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2.
V
manifestu není povoleno více prvků requestedPrivileges.

Error - 1/9/2012 10:59:51 AM | Computer Name = home | Source = Application Error | ID = 1000
Description = Název chybující aplikace: APB_Gecko.exe, verze: 1.1.0.0, časové razítko:
0x4d56c804 Název chybujícího modulu: MSVCR90.dll, verze: 9.0.30729.6161, časové
razítko: 0x4dace5b9 Kód výjimky: 0xc0000005 Posun chyby: 0x00025e37 ID chybujícího
procesu: 0x11b8 Čas spuštění chybující aplikace: 0x01cccedd213ca554 Cesta k chybující
aplikaci: D:\apb reloaded\Binaries\APB_Gecko.exe Cesta k chybujícímu modulu: C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
ID
zprávy: 9429922e-3ad2-11e1-8d3b-406186b4b3ea

Error - 1/10/2012 5:29:54 AM | Computer Name = home | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2.
V
manifestu není povoleno více prvků requestedPrivileges.

Error - 1/10/2012 5:31:25 AM | Computer Name = home | Source = SideBySide | ID = 16842787
Description = Generování kontextu aktivace pro c:\program files (x86)\windows live\photo
gallery\MovieMaker.Exe se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL na řádku 8. Identita komponenty
nalezená v manifestu nesouhlasí s identitou požadované komponenty. Odkaz je WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definice
je WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Podrobnější
diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 1/10/2012 5:31:46 AM | Computer Name = home | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\program files (x86)\microsoft\search
enhancement pack\search helper\searchhelper.dll se nezdařilo. Chyba v souboru manifestu
nebo zásady c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll
na řádku 2. Neplatná syntaxe XML.

[ Media Center Events ]
Error - 8/24/2011 8:52:24 AM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 14:52:24 - Chyba při připojování k Internetu 14:52:24 - Nelze kontaktovat
server..

Error - 8/24/2011 8:52:36 AM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 14:52:29 - Chyba při připojování k Internetu 14:52:29 - Nelze kontaktovat
server..

Error - 8/24/2011 9:52:41 AM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 15:52:41 - Chyba při připojování k Internetu 15:52:41 - Nelze kontaktovat
server..

Error - 8/24/2011 9:52:47 AM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 15:52:46 - Chyba při připojování k Internetu 15:52:46 - Nelze kontaktovat
server..

Error - 8/24/2011 11:03:15 AM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 17:03:15 - Chyba při připojování k Internetu 17:03:15 - Nelze kontaktovat
server..

Error - 8/24/2011 11:03:25 AM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 17:03:20 - Chyba při připojování k Internetu 17:03:20 - Nelze kontaktovat
server..

Error - 8/24/2011 9:51:22 PM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 3:51:22 - Chyba při připojování k Internetu 3:51:22 - Nelze kontaktovat
server..

Error - 8/24/2011 9:51:29 PM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 3:51:27 - Chyba při připojování k Internetu 3:51:27 - Nelze kontaktovat
server..

Error - 8/25/2011 10:25:18 PM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 4:25:18 - Chyba při připojování k Internetu 4:25:18 - Nelze kontaktovat
server..

Error - 8/25/2011 10:25:36 PM | Computer Name = home | Source = MCUpdate | ID = 0
Description = 4:25:24 - Chyba při připojování k Internetu 4:25:24 - Nelze kontaktovat
server..

[ System Events ]
Error - 1/17/2012 4:20:15 PM | Computer Name = home | Source = Service Control Manager | ID = 7031
Description = Služba Hostitel zařízení UPnP byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error - 1/17/2012 4:20:15 PM | Computer Name = home | Source = Service Control Manager | ID = 7034
Description = Služba Služba Windows Media Player Network Sharing byla neočekávaně
ukončena. Tento stav nastal již 3krát.

Error - 1/18/2012 6:57:46 AM | Computer Name = home | Source = WMPNetworkSvc | ID = 866338
Description =

Error - 1/18/2012 6:59:18 AM | Computer Name = home | Source = WMPNetworkSvc | ID = 866338
Description =

Error - 1/18/2012 11:25:28 AM | Computer Name = home | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 1/18/2012 2:43:58 PM | Computer Name = home | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 1/19/2012 7:56:38 AM | Computer Name = home | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 1/19/2012 1:50:52 PM | Computer Name = home | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Presentation Foundation Font
Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error - 1/19/2012 1:50:52 PM | Computer Name = home | Source = Service Control Manager | ID = 7000
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla
při spuštění v důsledku následující chyby: %%1053

Error - 1/19/2012 1:53:46 PM | Computer Name = home | Source = Service Control Manager | ID = 7022
Description = Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.

< End of report >

#10 Příspěvek od **Mc_Murphy** » 20 led 2012 15:02

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:OTL
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-100895179-993598218-3902160186-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
[2012/01/18 23:13:58 | 000,001,056 | ---- | M] () -- C:\Users\stepan\AppData\Roaming\Mozilla\Firefox\Profiles\rx64p3qs.default\searchplugins\icqplugin.xml
[2012/01/05 10:38:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2:64bit: - BHO: (Pageshots for Internet Explorer PRO) - {28CF50DA-4A17-4442-BBF9-D916BFDE072C} - C:\ProgramData\PageshotsPro\pageshots_x64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-100895179-993598218-3902160186-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll File not found
O3 - HKU\S-1-5-21-100895179-993598218-3902160186-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[49 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
[2011/11/17 01:19:56 | 000,000,651 | ---- | M] ()(C:\Users\stepan\AppData\Local\PMB Fik?s) -- C:\Users\stepan\AppData\Local\PMB Fik聥s
[2011/11/17 01:19:56 | 000,000,651 | ---- | C] ()(C:\Users\stepan\AppData\Local\PMB Fik?s) -- C:\Users\stepan\AppData\Local\PMB Fik聥s
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:63238B95

:Files
C:\ProgramData\Malwarebytes
C:\Users\stepan\AppData\Roaming\Malwarebytes
C:\Users\stepan\AppData\Roaming\BitTorrent\SWKotOR + crack.ZIP.torrent /d
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
""=-

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

3zeeboom · #11 Příspěvek od **3zeeboom** » 20 led 2012 17:53

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: stepan
->Temp folder emptied: 907805013 bytes
->Temporary Internet Files folder emptied: 194796262 bytes
->Java cache emptied: 1359179 bytes
->FireFox cache emptied: 718676205 bytes
->Opera cache emptied: 36993463 bytes
->Flash cache emptied: 92810 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356358 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3172529307 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 26051714838 bytes

Total Files Cleaned = 29,644.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: stepan
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== OTL ==========
HKU\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-100895179-993598218-3902160186-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-100895179-993598218-3902160186-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-100895179-993598218-3902160186-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-100895179-993598218-3902160186-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.1.7&q=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Users\stepan\AppData\Roaming\Mozilla\Firefox\Profiles\rx64p3qs.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28CF50DA-4A17-4442-BBF9-D916BFDE072C}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28CF50DA-4A17-4442-BBF9-D916BFDE072C}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-100895179-993598218-3902160186-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-100895179-993598218-3902160186-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\0x00000001\ not found.
File Protocol\Handler\ipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ deleted successfully.
File {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8845.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC5F.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD35A.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3D3F.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4338.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4847.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6C3E.tmp\System.Runtime.Serialization.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6C3E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7A1F.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAAEF.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC9F.tmp folder deleted successfully.
C:\Users\stepan\AppData\Local\PMB Fik聥s moved successfully.
File C:\Users\stepan\AppData\Local\PMB Fik聥s not found.
ADS C:\ProgramData\TEMP:63238B95 deleted successfully.
========== FILES ==========
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\stepan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\stepan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\stepan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\stepan\AppData\Roaming\Malwarebytes folder moved successfully.
C:\Users\stepan\AppData\Roaming\BitTorrent\SWKotOR + crack.ZIP.torrent deleted successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS\\ not found.

OTL by OldTimer - Version 3.2.31.0 log created on 01202012_173236

Files\Folders moved on Reboot...
C:\Users\stepan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\stepan\AppData\Local\Mozilla\Firefox\Profiles\rx64p3qs.default\startupCache\startupCache.4.little moved successfully.
C:\Users\stepan\AppData\Local\Mozilla\Firefox\Profiles\rx64p3qs.default\Cache\_CACHE_001_ moved successfully.
C:\Users\stepan\AppData\Local\Mozilla\Firefox\Profiles\rx64p3qs.default\Cache\_CACHE_002_ moved successfully.
C:\Users\stepan\AppData\Local\Mozilla\Firefox\Profiles\rx64p3qs.default\Cache\_CACHE_003_ moved successfully.
C:\Users\stepan\AppData\Local\Mozilla\Firefox\Profiles\rx64p3qs.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\stepan\AppData\Local\Mozilla\Firefox\Profiles\rx64p3qs.default\urlclassifier3.sqlite moved successfully.

Registry entries deleted on Reboot...

#12 Příspěvek od **Mc_Murphy** » 21 led 2012 07:49

Total Files Cleaned = 29,644.00 mb

Ty jsi bordelář - skoro 30 GB nepořádku vyčištěno.

Jak je na tom počítač? Můžeme dočistit?

3zeeboom · #13 Příspěvek od **3zeeboom** » 21 led 2012 13:33

zaznamenal jsem narust rychlosti.. a hlavne zmizelo to otravne pretezovani procesoru (pri hrani sem to pocitoval oblast) takze rozhodne pozitivni vysledek

#14 Příspěvek od **Mc_Murphy** » 21 led 2012 14:01

Super, to rád slyším.

Takže dočistíme...

Spusť znovu OTL a klikni na tlačítko [CleanUp!], čímž po sobě program uklidí.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

3zeeboom · #15 Příspěvek od **3zeeboom** » 23 led 2012 14:07

dekuji za pomoc pri vycisteni pocitace

VIRY.CZ

drasticke zpomaleni pocitace

drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace

Re: drasticke zpomaleni pocitace