Logfile of random's system information tool 1.09 (written by random/random)
Run by Cheaterboy at 2012-04-01 23:14:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1428 GB (75%) free of 1900 GB
Total RAM: 8175 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:14:38, on 1.4.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\vsnp325.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\Windows\tsnp325.exe
C:\Windows\FixCamera.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Cheaterboy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files (x86)\QIP Infium\infium.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13500 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2312
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\vsnp325.exe"
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" /r
"C:\Windows\tsnp325.exe"
"C:\Windows\FixCamera.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9661fc97-1434-47b4-b87c-b2eb47915504 -SystemEventPortName:HostProcess-87b32de2-02b5-4921-8245-4051633abb42 -IoCancelEventPortName:HostProcess-97c9a75d-3653-4007-8f13-140c19c3ffd9 -NonStateChangingEventPortName:HostProcess-d9f4770a-5882-46b7-9122-de21a22dab95 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9f7f9252-44c0-4851-a224-3452c830b517
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCHelper.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"taskhost.exe"
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /welcome
taskeng.exe {08907F3E-0FC2-4939-93E0-196674D3300B}
taskeng.exe {9C2FB08E-C5CE-4B21-AE20-8107E7938ABC}
"C:\Stahování\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2012-03-16 376672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-12-13 75656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2012-03-16 226736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
Splashtop Connect VisualBookmark - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll [2011-01-21 345968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-20 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-12-29 142288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-20 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"snp325"=C:\Windows\vsnp325.exe [2006-10-10 827392]
"AutoKMS"=C:\Windows\AutoKMS.exe [2012-02-04 615936]
"TNOD UP"=C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [2011-09-18 1892352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2012-03-17 3478936]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-02-21 21416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative SB Monitoring Utility]
RunDll32 sbavmon.dll,SBAVMonitor []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2012-02-03 943504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-02-21 21416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-02-03 3508624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Cheaterboy\AppData\Roaming\QipGuard\QipGuard.exe [2012-01-12 191440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent]
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [2010-11-15 841544]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [2011-01-21 776064]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]
"CTSysVol"=C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe [2003-09-17 57344]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]
"tsnp325"=C:\Windows\tsnp325.exe [2007-04-21 270336]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"FixCamera"=C:\Windows\FixCamera.exe [2007-07-11 20480]
"ZyngaGamesAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [2010-11-15 841544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-04-01 23:14:35 ----D---- C:\rsit
2012-04-01 23:14:35 ----D---- C:\Program Files\trend micro
2012-04-01 23:06:28 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-04-01 23:06:28 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-04-01 23:06:27 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-04-01 23:06:27 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-04-01 23:06:27 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-04-01 23:06:27 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-04-01 23:06:05 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-04-01 23:06:05 ----A---- C:\Windows\avastSS.scr
2012-04-01 22:23:10 ----D---- C:\Program Files (x86)\Electronic Arts
2012-04-01 22:21:03 ----D---- C:\Program Files (x86)\Microsoft WSE
2012-04-01 12:37:17 ----D---- C:\Users\Cheaterboy\AppData\Roaming\SecondLife
2012-04-01 12:37:02 ----D---- C:\Program Files (x86)\SecondLifeViewer
2012-03-31 13:22:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-03-31 05:32:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-03-24 22:43:05 ----D---- C:\ProgramData\TrackMania
2012-03-23 17:10:38 ----D---- C:\Program Files (x86)\Audacity
2012-03-16 13:08:36 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2012-03-15 15:46:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-15 15:46:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-15 15:46:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-15 13:41:13 ----A---- C:\Windows\system32\win32k.sys
2012-03-15 13:41:12 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-15 13:41:12 ----A---- C:\Windows\system32\DWrite.dll
2012-03-15 13:40:37 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-15 13:40:37 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-15 13:40:37 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-15 13:40:29 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-15 13:40:29 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-15 13:40:29 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-15 13:40:29 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-11 12:11:03 ----D---- C:\Program Files (x86)\GeMM
2012-03-06 17:15:24 ----D---- C:\Users\Cheaterboy\AppData\Roaming\LOVE
2012-03-02 03:01:35 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys
2012-03-02 03:01:35 ----A---- C:\Windows\system32\drivers\ssadwh.sys
2012-03-02 03:01:35 ----A---- C:\Windows\system32\drivers\ssadmdm.sys
2012-03-02 03:01:34 ----A---- C:\Windows\system32\drivers\ssadserd.sys
2012-03-02 03:01:34 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys
2012-03-02 03:01:34 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys
2012-03-02 03:01:34 ----A---- C:\Windows\system32\drivers\ssadcm.sys
2012-03-02 03:01:34 ----A---- C:\Windows\system32\drivers\ssadbus.sys
2012-03-02 03:01:34 ----A---- C:\Windows\system32\drivers\ssadadb.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdwhnt.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdwh.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdserd.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdmdm.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdmdfl.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdcmnt.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdcm.sys
2012-03-02 03:01:17 ----A---- C:\Windows\system32\drivers\sscdbus.sys
2012-03-02 03:01:13 ----D---- C:\Program Files\SAMSUNG
======List of files/folders modified in the last 1 month======
2012-04-01 23:14:36 ----D---- C:\Windows\Temp
2012-04-01 23:14:35 ----RD---- C:\Program Files
2012-04-01 23:14:20 ----D---- C:\Stahování
2012-04-01 23:06:28 ----D---- C:\Windows\system32\drivers
2012-04-01 23:06:26 ----SHD---- C:\Windows\Installer
2012-04-01 23:06:26 ----SHD---- C:\Config.Msi
2012-04-01 23:06:05 ----D---- C:\Windows\SysWOW64
2012-04-01 23:06:05 ----D---- C:\Windows
2012-04-01 23:05:58 ----D---- C:\ProgramData\AVAST Software
2012-04-01 23:05:58 ----D---- C:\Program Files\AVAST Software
2012-04-01 23:05:56 ----SHD---- C:\System Volume Information
2012-04-01 23:02:44 ----D---- C:\Users\Cheaterboy\AppData\Roaming\uTorrent
2012-04-01 23:01:25 ----D---- C:\Windows\System32
2012-04-01 23:01:25 ----D---- C:\Windows\inf
2012-04-01 23:01:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-01 22:55:21 ----D---- C:\Users\Cheaterboy\AppData\Roaming\DMCache
2012-04-01 22:55:06 ----HD---- C:\ProgramData
2012-04-01 22:50:08 ----D---- C:\Windows\Minidump
2012-04-01 22:45:12 ----D---- C:\ProgramData\Electronic Arts
2012-04-01 22:23:10 ----RD---- C:\Program Files (x86)
2012-04-01 22:21:04 ----RSD---- C:\Windows\assembly
2012-04-01 22:16:45 ----D---- C:\HRY
2012-04-01 22:16:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-04-01 22:15:44 ----D---- C:\Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite
2012-04-01 21:40:01 ----D---- C:\Program Files (x86)\Steam
2012-04-01 21:40:00 ----D---- C:\Users\Cheaterboy\AppData\Roaming\TS3Client
2012-04-01 21:40:00 ----D---- C:\Users\Cheaterboy\AppData\Roaming\Skype
2012-04-01 21:40:00 ----D---- C:\Users\Cheaterboy\AppData\Roaming\IDM
2012-04-01 21:40:00 ----D---- C:\Users\Cheaterboy\AppData\Roaming\FileZilla
2012-04-01 21:39:59 ----D---- C:\Windows\Panther
2012-04-01 21:39:59 ----D---- C:\Windows\Logs
2012-04-01 21:39:59 ----D---- C:\Windows\debug
2012-04-01 21:36:51 ----D---- C:\Program Files\CCleaner
2012-04-01 20:15:35 ----D---- C:\Windows\system32\config
2012-04-01 14:38:43 ----D---- C:\Users\Cheaterboy\AppData\Roaming\vlc
2012-04-01 03:24:55 ----D---- C:\Windows\Prefetch
2012-03-31 17:22:16 ----D---- C:\Program Files (x86)\Diablo III Beta
2012-03-31 17:05:43 ----D---- C:\Users\Cheaterboy\AppData\Roaming\Audacity
2012-03-31 16:53:49 ----D---- C:\Program Files (x86)\uTorrent
2012-03-31 05:32:59 ----D---- C:\Windows\Tasks
2012-03-31 05:32:59 ----D---- C:\Windows\system32\Tasks
2012-03-30 22:14:34 ----D---- C:\Windows\system32\catroot2
2012-03-29 13:22:22 ----D---- C:\Users\Cheaterboy\AppData\Roaming\SoftGrid Client
2012-03-28 00:56:10 ----D---- C:\Program Files (x86)\VideoLAN
2012-03-25 12:28:24 ----D---- C:\ATI
2012-03-25 12:03:34 ----D---- C:\Users\Cheaterboy\AppData\Roaming\.minecraft
2012-03-25 11:56:12 ----RSD---- C:\Windows\Fonts
2012-03-24 12:12:11 ----D---- C:\Program Files (x86)\Internet Download Manager
2012-03-21 22:40:56 ----D---- C:\HUDBA
2012-03-20 14:47:14 ----D---- C:\Windows\Microsoft.NET
2012-03-20 13:41:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-03-15 20:51:10 ----D---- C:\Windows\winsxs
2012-03-15 15:46:26 ----D---- C:\Windows\system32\catroot
2012-03-15 15:45:06 ----A---- C:\Windows\system32\MRT.exe
2012-03-15 15:44:58 ----D---- C:\ProgramData\Microsoft Help
2012-03-15 13:35:02 ----D---- C:\Windows\SYSWOW64\wbem
2012-03-15 13:35:02 ----D---- C:\Windows\system32\wbem
2012-03-15 13:35:01 ----D---- C:\Windows\system32\wfp
2012-03-15 13:35:01 ----D---- C:\Windows\system32\DriverStore
2012-03-15 13:35:01 ----D---- C:\Windows\system32\drivers\etc
2012-03-15 13:35:00 ----D---- C:\Windows\AppCompat
2012-03-15 13:35:00 ----D---- C:\Users\Cheaterboy\AppData\Roaming\GHISLER
2012-03-15 13:34:57 ----D---- C:\Windows\registration
2012-03-15 13:33:29 ----D---- C:\Windows\system32\LogFiles
2012-03-10 12:28:38 ----D---- C:\Program Files (x86)\MDK2
2012-03-07 01:15:03 ----A---- C:\Windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-15 279616]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 359552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2012-02-08 149640]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 10567680]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 325632]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 39808]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 64256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SNP325;USB PC Camera (SNPSTD325); C:\Windows\system32\DRIVERS\snp325.sys [2007-04-03 10549248]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 187904]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 95232]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-05-25 36328]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2011-07-06 1148288]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2010-05-25 125416]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-05-25 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2010-05-25 159208]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2010-05-25 126952]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-04-27 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-04-27 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-04-27 172104]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2010-04-27 141384]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 wod0205;WeOnlyDo Network Adapter 2.5; C:\Windows\system32\DRIVERS\wod0205.sys [2011-04-23 33160]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 204288]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-01-05 75136]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2012-01-12 191440]
R2 SCBackService;Splashtop Connect Service; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 253600]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-05 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
Zdravim a pekny den preji 
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
Prosím vás, ve vašem podpisu se nic nepíše o programu "OTL" hledal jsem i na fóru ale bohužel nic.
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
Omlouvám se kolegovi vyosek za vstup. 
Stáhni tedy OTL z tohoto odkazu a dále pokračuj přesně podle postupu kolegy vyoska.
Tos hledal opravdu dost mizerně, protože OTL tu používáme velice často.Cheaterboy píše:Prosím vás, ve vašem podpisu se nic nepíše o programu "OTL" hledal jsem i na fóru ale bohužel nic.
Stáhni tedy OTL z tohoto odkazu a dále pokračuj přesně podle postupu kolegy vyoska.-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Prosím o preventivní kontrolu
Diky kolegovi za vstup, chyba na me strane - daval jsem postup z netbooku kde nemam aktualizvany navod...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
Tak schválně zkuste dát Hledat a zadat "OTL" a jsem zvědav co vám to najde...Mc_Murphy píše:Omlouvám se kolegovi vyosek za vstup.
Tos hledal opravdu dost mizerně, protože OTL tu používáme velice často.Cheaterboy píše:Prosím vás, ve vašem podpisu se nic nepíše o programu "OTL" hledal jsem i na fóru ale bohužel nic.
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
Udělej konečně ten scan a nemudruj.Cheaterboy píše:Tak schválně zkuste dát Hledat a zadat "OTL" a jsem zvědav co vám to najde...
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
Jo? Tak se semnou příště nehádej 
http://www.mediafire.com/?nec6gdvyo979jqw - Extras.txt
http://www.mediafire.com/?agddficpxlepif3 - OTL.txt
http://www.mediafire.com/?nec6gdvyo979jqw - Extras.txt
http://www.mediafire.com/?agddficpxlepif3 - OTL.txt
Re: Prosím o preventivní kontrolu
Logy mi sem prosim dejte, lepe se lusti - pokud jsou dlouhe, tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
Já se s Tebou nehádám, já mám pravdu.Cheaterboy píše:Jo? Tak se semnou příště nehádej
Howgh.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
OTL.txt
OTL logfile created on: 3.4.2012 19:53:02 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Stahování
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,98 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 73,41% Memory free
15,97 Gb Paging File | 13,55 Gb Available in Paging File | 84,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1855,20 Gb Total Space | 1388,76 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
Drive J: | 660,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: CHEATERBOY-PC | User Name: Cheaterboy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.04.03 19:50:37 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Stahování\OTL.exe
PRC - [2012.03.31 16:53:41 | 000,751,480 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.03.17 10:10:14 | 003,478,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.21 22:42:58 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.01.25 23:52:01 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files (x86)\QipGuard\QipGuard.exe
PRC - [2012.01.05 00:34:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.03.22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010.11.29 06:56:00 | 003,709,856 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2010.11.21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.11.15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010.11.15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010.11.06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.11.06 00:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2007.07.11 17:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe
PRC - [2007.04.21 10:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe
PRC - [2006.10.10 15:11:08 | 000,827,392 | ---- | M] () -- C:\Windows\vsnp325.exe
PRC - [2003.09.17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.31 05:32:58 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012.03.20 14:46:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\dfd9cbfccfadcf84406398a9d83ab4f4\System.Management.ni.dll
MOD - [2012.03.20 14:45:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e86e6094904541b5f9cf7df0709349d2\System.Runtime.Remoting.ni.dll
MOD - [2012.03.20 14:45:26 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ae31d46211440b11a9e66c3ba1a4e7ff\System.Xaml.ni.dll
MOD - [2012.03.20 13:40:58 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e48a8a41e50ee180c6ca9c50e4575f42\PresentationFramework.ni.dll
MOD - [2012.03.20 13:40:50 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9dee5fd0cf53fc233a7fc20edf8e66ed\PresentationCore.ni.dll
MOD - [2012.03.20 13:40:48 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7390d789557549200e474b9bbeca3d1a\System.Windows.Forms.ni.dll
MOD - [2012.03.20 13:40:46 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\7292b3e639a6202cf7eaf1f7ed271249\System.Core.ni.dll
MOD - [2012.03.20 13:40:44 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\19e79fc0f95c93b0244c7b287e254871\System.Xml.ni.dll
MOD - [2012.03.20 13:40:43 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef8c44c3c8766f219f576faab54c8dc7\WindowsBase.ni.dll
MOD - [2012.03.20 13:40:42 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\aa90407cafb9b4a0dc5e3fdff170fee9\System.Drawing.ni.dll
MOD - [2012.03.20 13:40:41 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll
MOD - [2012.03.20 13:40:41 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8b8a5c194aacfb2102d4e26b75a84e03\PresentationFramework.Aero.ni.dll
MOD - [2012.03.20 13:40:37 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll
MOD - [2012.02.21 22:43:03 | 000,115,137 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Local\Temp\c06086cf-47b1-4760-b263-4e4271d9922f\CliSecureRT.dll
MOD - [2012.02.21 22:42:58 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.02.16 23:27:14 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\bc264c7dba2096c2c88080090bf42600\IAStorUtil.ni.dll
MOD - [2012.02.16 23:25:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012.02.16 23:25:19 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012.02.16 23:25:15 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012.02.16 23:25:13 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012.02.16 23:25:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012.02.16 23:25:05 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012.02.16 23:25:03 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012.01.25 23:52:04 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012.01.25 23:52:04 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.01.25 23:52:04 | 000,275,968 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.01.25 23:52:04 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.01.25 23:52:04 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.01.25 23:52:04 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.01.25 23:52:04 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.01.25 23:52:04 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.01.25 23:52:04 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.01.25 23:52:04 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.01.25 23:52:04 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.01.25 23:52:04 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.01.25 23:52:04 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2011.12.31 17:04:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6aef03034d33721bfbd588d9d7fffe60\IAStorCommon.ni.dll
MOD - [2011.12.31 17:03:39 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.11.21 11:27:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.07.11 17:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe
MOD - [2007.04.21 10:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe
MOD - [2006.10.10 15:11:08 | 000,827,392 | ---- | M] () -- C:\Windows\vsnp325.exe
MOD - [2004.12.20 20:52:54 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Astonsoft\DeepBurner Pro\DeepBurnerShellEx.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.11.10 05:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.04.01 23:04:26 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files (x86)\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2012.01.05 23:23:30 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.05 00:34:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.12 22:14:16 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.03.22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010.11.15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010.11.06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Úložná technologie Intel(R)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.02.08 03:13:32 | 000,149,640 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011.12.15 00:16:34 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.10 04:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.05 10:55:02 | 000,729,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.21 11:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011.07.06 11:10:44 | 001,148,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:64bit: - [2011.06.10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.04.23 21:30:18 | 000,033,160 | ---- | M] (WeOnlyDo Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wod0205.sys -- (wod0205)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.26 08:06:02 | 000,039,808 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.26 08:06:00 | 000,064,256 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.05.25 09:59:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010.05.25 09:59:24 | 000,126,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2010.05.25 09:59:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010.05.25 09:59:24 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010.05.25 09:59:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010.04.27 04:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.04.27 04:25:20 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV:64bit: - [2010.04.27 04:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010.04.27 04:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2009.09.23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.09.23 03:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.09.23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.26 13:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2007.04.03 14:56:16 | 010,549,248 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.02.03 02:50:28 | 000,004,224 | ---- | M] () [File_System | System | Unknown] -- C:\Windows\SysWow64\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B873E4E3-A4E3-4AD3-B41D-2260C55FA722}
IE:64bit: - HKLM\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.atcomp.cz [binary data]
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes,DefaultScope = {B873E4E3-A4E3-4AD3-B41D-2260C55FA722}
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{3400811A-5CEC-4f92-9E26-279D0985F342}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{95A85AE3-23E7-409f-9AAD-2E5E38BD7D20}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Cheaterboy\AppData\Roaming\IDM\idmmzcc5 [2012.03.23 17:17:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Cheaterboy\AppData\Roaming\IDM\idmmzcc5 [2012.03.23 17:17:36 | 000,000,000 | ---D | M]
[2011.12.12 20:02:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions
[2011.12.12 20:02:11 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: avast! WebRep = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe ()
O4:64bit: - HKLM..\Run: [TNOD UP] C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe ()
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 176.102.128.2 176.102.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71D0F65D-4389-4162-B866-EE864DDB1D91}: DhcpNameServer = 176.102.128.2 176.102.128.3
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.04.02 14:46:26 | 000,000,000 | ---D | C] -- C:\Users\Cheaterboy\Documents\Electronic Arts
[2012.04.01 23:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.04.01 23:14:35 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.01 23:06:28 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.04.01 23:06:28 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.04.01 23:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.04.01 23:06:27 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.04.01 23:06:27 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.04.01 23:06:27 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.04.01 23:06:27 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.04.01 23:06:05 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.04.01 23:06:05 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.01 22:23:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.04.01 22:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012.04.01 12:37:17 | 000,000,000 | ---D | C] -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife
[2012.04.01 12:37:15 | 000,000,000 | ---D | C] -- C:\Users\Cheaterboy\AppData\Local\SecondLife
[2012.04.01 12:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer
[2012.04.01 12:37:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer
[2012.03.31 13:22:40 | 008,767,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.03.31 05:32:58 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.03.30 23:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2012.03.28 00:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.04.03 19:54:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.03 19:22:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.03 19:14:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.03 14:26:35 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 14:26:35 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 14:24:17 | 001,579,026 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.03 14:24:17 | 000,668,650 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.04.03 14:24:17 | 000,653,160 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.03 14:24:17 | 000,141,040 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.04.03 14:24:17 | 000,121,834 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.03 14:19:25 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.03 14:18:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.03 14:18:10 | 2134,200,319 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.02 21:54:34 | 011,432,983 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\1.4 00_21_36-00_27_33.mp3
[2012.04.02 21:37:59 | 006,150,815 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\báry - speedball..mp3
[2012.04.02 21:23:10 | 004,593,499 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\draci mp3.mp3
[2012.04.02 15:04:52 | 000,002,098 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\The Sims 3.lnk
[2012.04.02 14:51:49 | 000,002,256 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Povolání snů.lnk
[2012.04.01 23:06:28 | 000,001,886 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.01 23:06:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.04.01 23:04:26 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.01 23:04:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.04.01 22:59:12 | 000,008,356 | ---- | M] () -- C:\Users\Cheaterboy\Documents\cc_20120401_225910.reg
[2012.04.01 22:49:58 | 592,142,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.04.01 22:22:58 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.04.01 21:43:13 | 000,099,208 | ---- | M] () -- C:\Users\Cheaterboy\Documents\cc_20120401_214310.reg
[2012.04.01 21:36:51 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.04.01 12:37:14 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2012.03.30 22:52:53 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2012.03.28 00:57:15 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.03.27 23:52:33 | 000,001,194 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\Rayman Origins.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.04.03 19:54:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.02 21:53:46 | 011,432,983 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\1.4 00_21_36-00_27_33.mp3
[2012.04.02 21:37:26 | 006,150,815 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\báry - speedball..mp3
[2012.04.02 21:22:22 | 004,593,499 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\draci mp3.mp3
[2012.04.02 15:04:52 | 000,002,098 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\The Sims 3.lnk
[2012.04.02 14:51:49 | 000,002,256 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Povolání snů.lnk
[2012.04.01 23:06:28 | 000,001,886 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.01 22:59:11 | 000,008,356 | ---- | C] () -- C:\Users\Cheaterboy\Documents\cc_20120401_225910.reg
[2012.04.01 22:25:03 | 592,142,287 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.04.01 22:23:12 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk
[2012.04.01 21:43:11 | 000,099,208 | ---- | C] () -- C:\Users\Cheaterboy\Documents\cc_20120401_214310.reg
[2012.04.01 12:37:14 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2012.03.31 05:32:59 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.03.28 00:57:15 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.03.27 23:52:33 | 000,001,194 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\Rayman Origins.lnk
[2012.03.02 01:28:58 | 000,008,704 | ---- | C] () -- C:\Users\Cheaterboy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.06 20:55:24 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2012.02.06 20:55:24 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2012.02.05 14:58:14 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpx32.dll
[2012.02.04 15:10:43 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012.02.04 15:10:43 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.01.27 18:55:41 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2012.01.27 18:55:40 | 000,827,392 | ---- | C] () -- C:\Windows\vsnp325.exe
[2012.01.27 18:55:40 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2012.01.27 18:55:40 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2012.01.27 18:55:39 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll
[2012.01.27 18:55:39 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll
[2012.01.27 18:55:39 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll
[2012.01.27 17:26:22 | 000,049,152 | ---- | C] () -- C:\Windows\Domino.exe
[2012.01.27 17:26:22 | 000,039,776 | ---- | C] () -- C:\Windows\SysWow64\drivers\STREAM.SYS
[2012.01.07 03:23:58 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll
[2012.01.04 04:01:39 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.01.04 04:01:31 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.04 04:01:30 | 000,000,304 | ---- | C] () -- C:\Windows\game.ini
[2011.12.29 20:51:27 | 000,000,000 | ---- | C] () -- C:\Users\Cheaterboy\AppData\Local\{5CD9A441-94B2-4850-88A0-C29ABC2116E7}
[2011.12.27 23:12:17 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.12.25 15:01:16 | 001,561,044 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.21 13:51:40 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.12.21 13:51:40 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.12.18 02:19:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.12.13 18:32:38 | 000,000,880 | ---- | C] () -- C:\Users\Cheaterboy\AppData\Local\SRDownloader.nast
[2011.12.12 21:49:24 | 000,000,347 | ---- | C] () -- C:\Windows\CTWave32.INI
[2011.12.12 20:31:31 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.12.12 20:25:22 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.03 16:51:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
OTL logfile created on: 3.4.2012 19:53:02 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Stahování
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,98 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 73,41% Memory free
15,97 Gb Paging File | 13,55 Gb Available in Paging File | 84,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1855,20 Gb Total Space | 1388,76 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
Drive J: | 660,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: CHEATERBOY-PC | User Name: Cheaterboy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.04.03 19:50:37 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Stahování\OTL.exe
PRC - [2012.03.31 16:53:41 | 000,751,480 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.03.17 10:10:14 | 003,478,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.21 22:42:58 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.01.25 23:52:01 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files (x86)\QipGuard\QipGuard.exe
PRC - [2012.01.05 00:34:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.03.22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010.11.29 06:56:00 | 003,709,856 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2010.11.21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.11.15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010.11.15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010.11.06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.11.06 00:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2007.07.11 17:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe
PRC - [2007.04.21 10:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe
PRC - [2006.10.10 15:11:08 | 000,827,392 | ---- | M] () -- C:\Windows\vsnp325.exe
PRC - [2003.09.17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.31 05:32:58 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012.03.20 14:46:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\dfd9cbfccfadcf84406398a9d83ab4f4\System.Management.ni.dll
MOD - [2012.03.20 14:45:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e86e6094904541b5f9cf7df0709349d2\System.Runtime.Remoting.ni.dll
MOD - [2012.03.20 14:45:26 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ae31d46211440b11a9e66c3ba1a4e7ff\System.Xaml.ni.dll
MOD - [2012.03.20 13:40:58 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e48a8a41e50ee180c6ca9c50e4575f42\PresentationFramework.ni.dll
MOD - [2012.03.20 13:40:50 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9dee5fd0cf53fc233a7fc20edf8e66ed\PresentationCore.ni.dll
MOD - [2012.03.20 13:40:48 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7390d789557549200e474b9bbeca3d1a\System.Windows.Forms.ni.dll
MOD - [2012.03.20 13:40:46 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\7292b3e639a6202cf7eaf1f7ed271249\System.Core.ni.dll
MOD - [2012.03.20 13:40:44 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\19e79fc0f95c93b0244c7b287e254871\System.Xml.ni.dll
MOD - [2012.03.20 13:40:43 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef8c44c3c8766f219f576faab54c8dc7\WindowsBase.ni.dll
MOD - [2012.03.20 13:40:42 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\aa90407cafb9b4a0dc5e3fdff170fee9\System.Drawing.ni.dll
MOD - [2012.03.20 13:40:41 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll
MOD - [2012.03.20 13:40:41 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8b8a5c194aacfb2102d4e26b75a84e03\PresentationFramework.Aero.ni.dll
MOD - [2012.03.20 13:40:37 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll
MOD - [2012.02.21 22:43:03 | 000,115,137 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Local\Temp\c06086cf-47b1-4760-b263-4e4271d9922f\CliSecureRT.dll
MOD - [2012.02.21 22:42:58 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.02.16 23:27:14 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\bc264c7dba2096c2c88080090bf42600\IAStorUtil.ni.dll
MOD - [2012.02.16 23:25:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012.02.16 23:25:19 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012.02.16 23:25:15 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012.02.16 23:25:13 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012.02.16 23:25:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012.02.16 23:25:05 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012.02.16 23:25:03 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012.01.25 23:52:04 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012.01.25 23:52:04 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.01.25 23:52:04 | 000,275,968 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.01.25 23:52:04 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.01.25 23:52:04 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.01.25 23:52:04 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.01.25 23:52:04 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.01.25 23:52:04 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.01.25 23:52:04 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.01.25 23:52:04 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.01.25 23:52:04 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.01.25 23:52:04 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.01.25 23:52:04 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2011.12.31 17:04:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6aef03034d33721bfbd588d9d7fffe60\IAStorCommon.ni.dll
MOD - [2011.12.31 17:03:39 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.11.21 11:27:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.07.11 17:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe
MOD - [2007.04.21 10:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe
MOD - [2006.10.10 15:11:08 | 000,827,392 | ---- | M] () -- C:\Windows\vsnp325.exe
MOD - [2004.12.20 20:52:54 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Astonsoft\DeepBurner Pro\DeepBurnerShellEx.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.11.10 05:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.04.01 23:04:26 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files (x86)\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2012.01.05 23:23:30 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.05 00:34:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.12 22:14:16 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.03.22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010.11.15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010.11.06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Úložná technologie Intel(R)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.02.08 03:13:32 | 000,149,640 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011.12.15 00:16:34 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.10 04:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.05 10:55:02 | 000,729,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.21 11:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011.07.06 11:10:44 | 001,148,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:64bit: - [2011.06.10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.04.23 21:30:18 | 000,033,160 | ---- | M] (WeOnlyDo Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wod0205.sys -- (wod0205)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.26 08:06:02 | 000,039,808 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.26 08:06:00 | 000,064,256 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.05.25 09:59:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010.05.25 09:59:24 | 000,126,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2010.05.25 09:59:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010.05.25 09:59:24 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010.05.25 09:59:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010.04.27 04:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.04.27 04:25:20 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV:64bit: - [2010.04.27 04:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010.04.27 04:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2009.09.23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.09.23 03:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.09.23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.26 13:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2007.04.03 14:56:16 | 010,549,248 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.02.03 02:50:28 | 000,004,224 | ---- | M] () [File_System | System | Unknown] -- C:\Windows\SysWow64\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B873E4E3-A4E3-4AD3-B41D-2260C55FA722}
IE:64bit: - HKLM\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.atcomp.cz [binary data]
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes,DefaultScope = {B873E4E3-A4E3-4AD3-B41D-2260C55FA722}
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{3400811A-5CEC-4f92-9E26-279D0985F342}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{95A85AE3-23E7-409f-9AAD-2E5E38BD7D20}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Cheaterboy\AppData\Roaming\IDM\idmmzcc5 [2012.03.23 17:17:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Cheaterboy\AppData\Roaming\IDM\idmmzcc5 [2012.03.23 17:17:36 | 000,000,000 | ---D | M]
[2011.12.12 20:02:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions
[2011.12.12 20:02:11 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: avast! WebRep = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\Cheaterboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe ()
O4:64bit: - HKLM..\Run: [TNOD UP] C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe ()
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 176.102.128.2 176.102.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71D0F65D-4389-4162-B866-EE864DDB1D91}: DhcpNameServer = 176.102.128.2 176.102.128.3
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.04.02 14:46:26 | 000,000,000 | ---D | C] -- C:\Users\Cheaterboy\Documents\Electronic Arts
[2012.04.01 23:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.04.01 23:14:35 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.01 23:06:28 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.04.01 23:06:28 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.04.01 23:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.04.01 23:06:27 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.04.01 23:06:27 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.04.01 23:06:27 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.04.01 23:06:27 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.04.01 23:06:05 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.04.01 23:06:05 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.01 22:23:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.04.01 22:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012.04.01 12:37:17 | 000,000,000 | ---D | C] -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife
[2012.04.01 12:37:15 | 000,000,000 | ---D | C] -- C:\Users\Cheaterboy\AppData\Local\SecondLife
[2012.04.01 12:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer
[2012.04.01 12:37:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer
[2012.03.31 13:22:40 | 008,767,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.03.31 05:32:58 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.03.30 23:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2012.03.28 00:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.04.03 19:54:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.03 19:22:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.03 19:14:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.03 14:26:35 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 14:26:35 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 14:24:17 | 001,579,026 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.03 14:24:17 | 000,668,650 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.04.03 14:24:17 | 000,653,160 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.03 14:24:17 | 000,141,040 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.04.03 14:24:17 | 000,121,834 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.03 14:19:25 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.03 14:18:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.03 14:18:10 | 2134,200,319 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.02 21:54:34 | 011,432,983 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\1.4 00_21_36-00_27_33.mp3
[2012.04.02 21:37:59 | 006,150,815 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\báry - speedball..mp3
[2012.04.02 21:23:10 | 004,593,499 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\draci mp3.mp3
[2012.04.02 15:04:52 | 000,002,098 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\The Sims 3.lnk
[2012.04.02 14:51:49 | 000,002,256 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Povolání snů.lnk
[2012.04.01 23:06:28 | 000,001,886 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.01 23:06:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.04.01 23:04:26 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.01 23:04:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.04.01 22:59:12 | 000,008,356 | ---- | M] () -- C:\Users\Cheaterboy\Documents\cc_20120401_225910.reg
[2012.04.01 22:49:58 | 592,142,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.04.01 22:22:58 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.04.01 21:43:13 | 000,099,208 | ---- | M] () -- C:\Users\Cheaterboy\Documents\cc_20120401_214310.reg
[2012.04.01 21:36:51 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.04.01 12:37:14 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2012.03.30 22:52:53 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2012.03.28 00:57:15 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.03.27 23:52:33 | 000,001,194 | ---- | M] () -- C:\Users\Cheaterboy\Desktop\Rayman Origins.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.04.03 19:54:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.02 21:53:46 | 011,432,983 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\1.4 00_21_36-00_27_33.mp3
[2012.04.02 21:37:26 | 006,150,815 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\báry - speedball..mp3
[2012.04.02 21:22:22 | 004,593,499 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\draci mp3.mp3
[2012.04.02 15:04:52 | 000,002,098 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\The Sims 3.lnk
[2012.04.02 14:51:49 | 000,002,256 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Povolání snů.lnk
[2012.04.01 23:06:28 | 000,001,886 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.01 22:59:11 | 000,008,356 | ---- | C] () -- C:\Users\Cheaterboy\Documents\cc_20120401_225910.reg
[2012.04.01 22:25:03 | 592,142,287 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.04.01 22:23:12 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk
[2012.04.01 21:43:11 | 000,099,208 | ---- | C] () -- C:\Users\Cheaterboy\Documents\cc_20120401_214310.reg
[2012.04.01 12:37:14 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2012.03.31 05:32:59 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.03.28 00:57:15 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.03.27 23:52:33 | 000,001,194 | ---- | C] () -- C:\Users\Cheaterboy\Desktop\Rayman Origins.lnk
[2012.03.02 01:28:58 | 000,008,704 | ---- | C] () -- C:\Users\Cheaterboy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.06 20:55:24 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2012.02.06 20:55:24 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2012.02.05 14:58:14 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpx32.dll
[2012.02.04 15:10:43 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012.02.04 15:10:43 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.01.27 18:55:41 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2012.01.27 18:55:40 | 000,827,392 | ---- | C] () -- C:\Windows\vsnp325.exe
[2012.01.27 18:55:40 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2012.01.27 18:55:40 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2012.01.27 18:55:39 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll
[2012.01.27 18:55:39 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll
[2012.01.27 18:55:39 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll
[2012.01.27 17:26:22 | 000,049,152 | ---- | C] () -- C:\Windows\Domino.exe
[2012.01.27 17:26:22 | 000,039,776 | ---- | C] () -- C:\Windows\SysWow64\drivers\STREAM.SYS
[2012.01.07 03:23:58 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll
[2012.01.04 04:01:39 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.01.04 04:01:31 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.04 04:01:30 | 000,000,304 | ---- | C] () -- C:\Windows\game.ini
[2011.12.29 20:51:27 | 000,000,000 | ---- | C] () -- C:\Users\Cheaterboy\AppData\Local\{5CD9A441-94B2-4850-88A0-C29ABC2116E7}
[2011.12.27 23:12:17 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.12.25 15:01:16 | 001,561,044 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.21 13:51:40 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.12.21 13:51:40 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.12.18 02:19:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.12.13 18:32:38 | 000,000,880 | ---- | C] () -- C:\Users\Cheaterboy\AppData\Local\SRDownloader.nast
[2011.12.12 21:49:24 | 000,000,347 | ---- | C] () -- C:\Windows\CTWave32.INI
[2011.12.12 20:31:31 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.12.12 20:25:22 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.03 16:51:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
========== LOP Check ==========
[2012.03.25 12:03:34 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\.minecraft
[2012.01.18 23:20:08 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Acoustica
[2012.03.31 17:05:43 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Audacity
[2012.01.23 20:30:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Avnex
[2012.01.11 03:25:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO
[2012.04.01 22:15:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite
[2012.02.04 17:19:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Day 1 Studios
[2011.12.24 22:12:05 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DeepBurner Pro
[2012.04.03 01:06:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DMCache
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\FileZilla
[2012.03.15 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\GHISLER
[2011.12.15 00:43:13 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Guitar Pro 6
[2012.01.08 14:22:57 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\ICQ
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\IDM
[2012.03.06 17:15:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\LOVE
[2011.12.12 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Opera
[2012.01.07 14:37:02 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QIP
[2012.02.02 00:56:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QipGuard
[2012.02.10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Samsung
[2012.04.01 12:37:17 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife
[2012.01.15 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sinvise Systems
[2012.03.29 13:22:22 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SoftGrid Client
[2012.01.22 18:31:38 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sony
[2011.12.12 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Splashtop
[2012.01.05 14:21:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Steinberg
[2012.01.18 23:20:11 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SynthMaker
[2012.02.10 23:37:04 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Temp
[2011.12.25 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TP
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TS3Client
[2012.02.04 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TuneUp Software
[2011.12.18 02:51:47 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Tunngle
[2012.02.12 00:34:12 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Ubisoft
[2012.04.03 19:55:30 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\uTorrent
[2012.02.17 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\VitySoft
[2011.12.18 03:13:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Wippien
[2011.12.12 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Zoner
[2012.01.29 14:34:40 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\drivers\ichxr\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\install\ichxr\64\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_05602dde0a28e7f4\iaStor.sys
[2010.11.06 00:39:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\install\ichxr\32\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\*.tmp files -> C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\*.tmp -> ]
[1 C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\*.tmp files -> C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\*.tmp -> ]
[1 C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\*.tmp files -> C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\*.tmp -> ]
[1 C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\*.tmp files -> C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\*.tmp -> ]
[1 C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\*.tmp files -> C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\*.tmp -> ]
[1 C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\*.tmp files -> C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\*.tmp -> ]
[1 C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\*.tmp files -> C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\*.tmp -> ]
[1 C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\*.tmp files -> C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\*.tmp -> ]
[1 C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\*.tmp files -> C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\*.tmp -> ]
[1 C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\*.tmp files -> C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\*.tmp -> ]
[1 C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\*.tmp files -> C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\*.tmp -> ]
[1 C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\*.tmp files -> C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\*.tmp -> ]
[1 C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\*.tmp files -> C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.04.03 20:00:54 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\.minecraft
[2012.01.18 23:20:08 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Acoustica
[2011.12.17 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Adobe
[2011.12.12 19:13:27 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\ATI
[2012.03.31 17:05:43 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Audacity
[2012.01.23 20:30:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Avnex
[2012.01.11 03:25:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO
[2012.04.01 22:15:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite
[2012.02.04 17:19:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Day 1 Studios
[2011.12.24 22:12:05 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DeepBurner Pro
[2012.04.03 01:06:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DMCache
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\FileZilla
[2012.03.15 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\GHISLER
[2011.12.15 00:43:13 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Guitar Pro 6
[2011.12.18 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Hamachi
[2012.01.08 14:22:57 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\ICQ
[2011.12.12 19:13:12 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Identities
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\IDM
[2011.12.12 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\InstallShield
[2011.12.12 20:38:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Intel Corporation
[2012.03.06 17:15:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\LOVE
[2011.12.12 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Macromedia
[2010.11.21 11:38:04 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Media Center Programs
[2012.02.04 15:09:02 | 000,000,000 | --SD | M] -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft
[2011.12.12 20:02:11 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Mozilla
[2011.12.24 21:38:54 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Nero
[2011.12.12 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Opera
[2012.01.07 14:37:02 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QIP
[2012.02.02 00:56:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QipGuard
[2012.02.10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Samsung
[2012.04.01 12:37:17 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife
[2011.12.18 13:21:56 | 000,000,000 | RH-D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SecuROM
[2012.01.15 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sinvise Systems
[2012.04.02 15:04:54 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Skype
[2012.03.29 13:22:22 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SoftGrid Client
[2012.01.22 18:31:38 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sony
[2011.12.12 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Splashtop
[2012.01.05 14:21:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Steinberg
[2012.01.18 23:20:11 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SynthMaker
[2012.02.10 23:37:04 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Temp
[2011.12.25 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TP
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TS3Client
[2012.02.04 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TuneUp Software
[2011.12.18 02:51:47 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Tunngle
[2012.02.12 00:34:12 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Ubisoft
[2012.04.03 20:15:30 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\uTorrent
[2012.02.17 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\VitySoft
[2012.04.03 19:40:15 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\vlc
[2011.12.12 20:01:29 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\WinRAR
[2011.12.18 03:13:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Wippien
[2011.12.12 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2002.08.29 19:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\MafiaSetup.exe
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\AC3 Filter\unins000.exe
[2010.02.23 18:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\uninstall.exe
[2012.01.25 18:03:10 | 000,029,926 | R--- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2012.04.01 22:21:03 | 000,010,134 | R--- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012.02.04 15:07:28 | 000,786,492 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2012.02.04 15:07:29 | 015,823,872 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2012.02.04 15:07:28 | 000,107,008 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\Cheaterboy\AppData\Roaming\QipGuard\QipGuard.exe
[2012.02.21 22:42:58 | 000,106,408 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.02.21 22:42:58 | 000,101,288 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.02.21 22:42:58 | 000,021,416 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.04.01 13:23:57 | 000,000,000 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife\logs\SecondLife.exec_marker
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.01 23:06:27 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.04.01 23:04:26 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.04.01 23:04:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.04.01 22:22:58 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerInstaller.exe
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"IDMan" = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot -- [2012.03.17 10:10:14 | 003,478,936 | ---- | M] (Tonec Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"KiesPDLR" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2012.02.21 22:42:58 | 000,021,416 | ---- | M] ()
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.03 19:54:05 | 000,000,512 | ---- | M] () MD5=4169F3E23004AA94166F58A19EBA4175 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2006.09.21 16:21:18 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2006.09.21 16:21:16 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2006.09.21 16:21:18 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2006.09.21 16:21:16 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2006.09.26 14:04:34 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2006.09.21 16:21:14 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2006.09.27 20:47:30 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2006.09.26 14:04:36 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2006.09.21 16:21:16 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2006.09.27 17:23:02 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2006.09.21 16:21:12 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2006.09.21 14:29:28 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2006.09.21 14:29:32 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2006.09.21 14:29:40 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2006.09.21 14:29:28 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2006.09.21 14:29:28 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2006.09.21 14:29:38 | 000,017,490 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2011.12.22 15:46:01 | 000,175,008 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\materials\ground\asphalt_01_cracked.vtf
[2011.12.22 15:48:27 | 000,002,550 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.dx90.vtx
[2011.12.22 15:48:27 | 000,001,816 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.mdl
[2011.12.22 15:48:27 | 000,001,445 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.phy
[2011.12.22 15:48:27 | 000,011,648 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.vvd
[2011.12.22 15:48:27 | 000,002,925 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.dx90.vtx
[2011.12.22 15:48:27 | 000,001,816 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.mdl
[2011.12.22 15:48:27 | 000,001,285 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.phy
[2011.12.22 15:48:27 | 000,013,376 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.vvd
[2011.12.22 15:48:27 | 000,003,375 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.dx90.vtx
[2011.12.22 15:48:27 | 000,001,816 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.mdl
[2011.12.22 15:48:27 | 000,001,285 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.phy
[2011.12.22 15:48:27 | 000,015,296 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.vvd
[2011.12.22 15:51:16 | 000,014,584 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_01.wav
[2011.12.22 15:51:16 | 000,022,052 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_02.wav
[2011.12.22 15:51:16 | 000,033,374 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_03.wav
[2011.12.22 15:51:16 | 000,021,682 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_04.wav
[2011.12.22 15:51:02 | 000,026,714 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\characters\White_Female\wf_followup_areyouoncrackv1.wav
[2011.12.22 15:51:07 | 000,025,690 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\characters\White_Male\wm_followup_areyouoncrackv1.wav
[2011.12.22 15:51:07 | 000,025,690 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\characters\White_Male\wm_followup_areyouoncrackv2.wav
[2012.01.04 10:21:01 | 4243,357,696 | ---- | M] () -- \INSTALAČKY\Mass Effect 2_CZ + DLC\DVD1 + Crack.iso
[2003.12.05 15:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2006.08.11 14:52:46 | 000,068,698 | R--- | M] () -- \Program Files (x86)\Steinberg\Cubase 5\Track Presets\Audio\Nutcracker Synth Brass.trackpreset
[2006.08.03 13:42:44 | 000,000,799 | R--- | M] () -- \Program Files (x86)\Steinberg\Cubase 5\VST3 Presets\Steinberg Media Technologies\Grungelizer\Vinyl Crackles.vstpreset
[2006.08.03 13:49:42 | 000,003,755 | R--- | M] () -- \Program Files (x86)\Steinberg\Cubase 5\VST3 Presets\Steinberg Media Technologies\StudioChorus\Chipmunks On Crack.vstpreset
[2012.02.04 22:21:07 | 024,591,246 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2011\TuneUp Utilities 2011 v10.0.2011.65 + Crack-Serials [ChattChitto RG].exe
[2012.02.12 04:10:13 | 089,150,446 | ---- | M] () -- \Stahování\Assasins Creed Trilogy CZ + dlc + full hd tapety\Assassins Creed 2+crack,emulator,cestina\crack,emulator,cestina.rar
[2012.01.11 00:34:48 | 000,000,319 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fi.crackedcdn.com%2Ffavicon.png
[2012.01.15 00:12:08 | 000,000,522 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\www.cracked.com.idx
< *keygen* /s >
[2011.12.28 02:23:39 | 000,339,024 | ---- | M] () -- \HRY\Postal.3.Retail [English]\HOW_TO_USE_KEYGEN.png
[2011.12.06 17:26:04 | 000,716,800 | R--- | M] () -- \HRY\Postal.3.Retail [English]\keygen.exe
[2011.12.28 04:27:39 | 000,638,322 | ---- | M] () -- \HRY\Postal.3.Retail [English]\Keygen.rar
[2011.12.27 00:12:09 | 002,896,384 | ---- | M] () -- \INSTALAČKY\L A Noire 2011 (crack patch cz)\L.A.-Noire---KEYGEN.exe
[2012.03.11 02:59:44 | 000,339,024 | ---- | M] () -- \Stahování\Postal III-English\HOW_TO_USE_KEYGEN.png
[2012.03.11 02:59:44 | 000,638,322 | ---- | M] () -- \Stahování\Postal III-English\Postal 3 keygen [backup].rar
[2010.12.26 00:16:52 | 000,070,479 | ---- | M] () -- \Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\keygen.exe
[2011.01.25 05:31:54 | 000,066,336 | ---- | M] () -- \Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\Keygen.rar
[2012.03.16 13:34:59 | 000,021,516 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-F0DADA6E.pf
< *loader* /s >
[2011.09.02 21:08:51 | 000,228,352 | ---- | M] () -- \HRY\Call of Juarez The Cartel\ubiorbitapi_r2_loader.dll
[2011.12.22 15:24:33 | 000,064,352 | ---- | M] () -- \HRY\Postal.3.Retail [English]\bin\physxLoader.dll
[2011.12.22 15:46:15 | 000,000,546 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\materials\models\cars\frontloader_01.vmt
[2011.12.22 15:46:15 | 000,349,784 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\materials\models\cars\frontloader_01.vtf
[2011.12.22 15:47:52 | 000,033,945 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.dx90.vtx
[2011.12.22 15:47:52 | 000,001,720 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.mdl
[2011.12.22 15:47:52 | 000,005,800 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.phy
[2011.12.22 15:47:52 | 000,149,312 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.vvd
[2011.03.04 09:47:14 | 000,139,783 | ---- | M] () -- \Minecraft\Alt.loader.jar
[2011.04.15 17:29:28 | 000,000,118 | ---- | M] () -- \Program Files (x86)\Codemasters\DiRT 3\audio\audio_loader.xml
[2009.05.23 03:38:52 | 000,061,952 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2009.05.22 22:27:34 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2003.04.11 15:45:42 | 000,348,160 | ---- | M] () -- \Program Files (x86)\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2010.11.30 01:32:34 | 000,170,288 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.1\Kernelmoduleunloader.exe
[2012.01.07 14:45:19 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.01.07 14:45:19 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.01.07 14:45:19 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.01.07 14:46:40 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.12.12 21:18:16 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.02.16 00:13:33 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2012.02.16 00:13:33 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2012.02.16 00:13:33 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2012.02.16 00:13:33 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2012.02.03 18:47:14 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.02.03 18:50:26 | 000,131,984 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.03.08 19:10:08 | 000,670,208 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.05.31 11:46:24 | 000,685,568 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 19:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2011.09.28 20:59:12 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.09.28 20:59:24 | 000,016,776 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2011.09.28 20:59:58 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program64\WICLoader.exe
[2011.12.22 15:24:33 | 000,064,352 | ---- | M] () -- \Stahování\Postal III-English\Postal.3.Retail [English]\bin\physxLoader.dll
[2011.12.13 18:32:38 | 000,000,880 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\SRDownloader.nast
[2012.04.01 23:04:21 | 000,007,900 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\07WY4D78\bundleloader[1].js
[2012.04.01 22:46:01 | 000,000,723 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OLXQ5TZ\downloaderror[1].js
[2012.04.01 22:46:01 | 000,001,174 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OLXQ5TZ\downloader[1].js
[2012.04.01 22:46:00 | 000,007,900 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJAY100H\bundleloader[1].js
[2012.04.01 23:04:22 | 000,000,723 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJAY100H\downloaderror[1].js
[2012.04.01 23:04:22 | 000,001,174 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJAY100H\downloader[1].js
[2011.12.12 21:14:16 | 000,000,914 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fjdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.png
[2011.12.12 21:14:16 | 000,000,097 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\jdownloader.org.idx
[1980.01.02 02:00:00 | 000,317,112 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Temp\AIH.74017c85a43cf9a9e936e7e2d62a4f1a9cd30093\downloader.bundle
[2012.03.03 16:56:00 | 000,528,288 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Temp\AIH.74017c85a43cf9a9e936e7e2d62a4f1a9cd30093\downloader.dll
[2011.12.14 21:10:27 | 000,019,724 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\.minecraft\ModLoader.txt
[2011.12.14 20:14:18 | 000,000,436 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.03.14 13:47:42 | 000,009,051 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.03.14 13:47:42 | 000,016,119 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.03.14 13:47:42 | 000,018,434 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.03.14 13:47:42 | 000,006,553 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2011.11.30 12:27:50 | 000,010,144 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2012.02.17 12:02:43 | 000,001,516 | ---- | M] () -- \Users\Cheaterboy\Desktop\Free Rapid Downloader.lnk
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.11.03 16:47:02 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.11.03 16:47:02 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.11.03 16:47:02 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.11.03 16:47:02 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.11.03 16:47:02 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
[2012.03.25 12:03:34 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\.minecraft
[2012.01.18 23:20:08 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Acoustica
[2012.03.31 17:05:43 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Audacity
[2012.01.23 20:30:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Avnex
[2012.01.11 03:25:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO
[2012.04.01 22:15:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite
[2012.02.04 17:19:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Day 1 Studios
[2011.12.24 22:12:05 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DeepBurner Pro
[2012.04.03 01:06:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DMCache
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\FileZilla
[2012.03.15 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\GHISLER
[2011.12.15 00:43:13 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Guitar Pro 6
[2012.01.08 14:22:57 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\ICQ
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\IDM
[2012.03.06 17:15:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\LOVE
[2011.12.12 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Opera
[2012.01.07 14:37:02 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QIP
[2012.02.02 00:56:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QipGuard
[2012.02.10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Samsung
[2012.04.01 12:37:17 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife
[2012.01.15 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sinvise Systems
[2012.03.29 13:22:22 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SoftGrid Client
[2012.01.22 18:31:38 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sony
[2011.12.12 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Splashtop
[2012.01.05 14:21:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Steinberg
[2012.01.18 23:20:11 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SynthMaker
[2012.02.10 23:37:04 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Temp
[2011.12.25 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TP
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TS3Client
[2012.02.04 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TuneUp Software
[2011.12.18 02:51:47 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Tunngle
[2012.02.12 00:34:12 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Ubisoft
[2012.04.03 19:55:30 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\uTorrent
[2012.02.17 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\VitySoft
[2011.12.18 03:13:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Wippien
[2011.12.12 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Zoner
[2012.01.29 14:34:40 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\drivers\ichxr\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\install\ichxr\64\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys
[2010.11.06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_05602dde0a28e7f4\iaStor.sys
[2010.11.06 00:39:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\install\ichxr\32\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\*.tmp files -> C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\*.tmp -> ]
[1 C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\*.tmp files -> C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\*.tmp -> ]
[1 C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\*.tmp files -> C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\*.tmp -> ]
[1 C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\*.tmp files -> C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\*.tmp -> ]
[1 C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\*.tmp files -> C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\*.tmp -> ]
[1 C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\*.tmp files -> C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\*.tmp -> ]
[1 C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\*.tmp files -> C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\*.tmp -> ]
[1 C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\*.tmp files -> C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\*.tmp -> ]
[1 C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\*.tmp files -> C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\*.tmp -> ]
[1 C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\*.tmp files -> C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\*.tmp -> ]
[1 C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\*.tmp files -> C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\*.tmp -> ]
[1 C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\*.tmp files -> C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\*.tmp -> ]
[1 C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\*.tmp files -> C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.04.03 20:00:54 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\.minecraft
[2012.01.18 23:20:08 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Acoustica
[2011.12.17 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Adobe
[2011.12.12 19:13:27 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\ATI
[2012.03.31 17:05:43 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Audacity
[2012.01.23 20:30:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Avnex
[2012.01.11 03:25:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO
[2012.04.01 22:15:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite
[2012.02.04 17:19:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Day 1 Studios
[2011.12.24 22:12:05 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DeepBurner Pro
[2012.04.03 01:06:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\DMCache
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\FileZilla
[2012.03.15 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\GHISLER
[2011.12.15 00:43:13 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Guitar Pro 6
[2011.12.18 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Hamachi
[2012.01.08 14:22:57 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\ICQ
[2011.12.12 19:13:12 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Identities
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\IDM
[2011.12.12 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\InstallShield
[2011.12.12 20:38:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Intel Corporation
[2012.03.06 17:15:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\LOVE
[2011.12.12 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Macromedia
[2010.11.21 11:38:04 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Media Center Programs
[2012.02.04 15:09:02 | 000,000,000 | --SD | M] -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft
[2011.12.12 20:02:11 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Mozilla
[2011.12.24 21:38:54 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Nero
[2011.12.12 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Opera
[2012.01.07 14:37:02 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QIP
[2012.02.02 00:56:16 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\QipGuard
[2012.02.10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Samsung
[2012.04.01 12:37:17 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife
[2011.12.18 13:21:56 | 000,000,000 | RH-D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SecuROM
[2012.01.15 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sinvise Systems
[2012.04.02 15:04:54 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Skype
[2012.03.29 13:22:22 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SoftGrid Client
[2012.01.22 18:31:38 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Sony
[2011.12.12 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Splashtop
[2012.01.05 14:21:24 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Steinberg
[2012.01.18 23:20:11 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\SynthMaker
[2012.02.10 23:37:04 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Temp
[2011.12.25 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TP
[2012.04.01 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TS3Client
[2012.02.04 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\TuneUp Software
[2011.12.18 02:51:47 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Tunngle
[2012.02.12 00:34:12 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Ubisoft
[2012.04.03 20:15:30 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\uTorrent
[2012.02.17 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\VitySoft
[2012.04.03 19:40:15 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\vlc
[2011.12.12 20:01:29 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\WinRAR
[2011.12.18 03:13:44 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Wippien
[2011.12.12 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\Cheaterboy\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2002.08.29 19:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\MafiaSetup.exe
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\AC3 Filter\unins000.exe
[2010.02.23 18:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\BSplayer PRO\Haali media splitter\uninstall.exe
[2012.01.25 18:03:10 | 000,029,926 | R--- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2012.04.01 22:21:03 | 000,010,134 | R--- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012.02.04 15:07:28 | 000,786,492 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2012.02.04 15:07:29 | 015,823,872 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2012.02.04 15:07:28 | 000,107,008 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\Cheaterboy\AppData\Roaming\QipGuard\QipGuard.exe
[2012.02.21 22:42:58 | 000,106,408 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.02.21 22:42:58 | 000,101,288 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.02.21 22:42:58 | 000,021,416 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.04.01 13:23:57 | 000,000,000 | ---- | M] () -- C:\Users\Cheaterboy\AppData\Roaming\SecondLife\logs\SecondLife.exec_marker
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.01 23:06:27 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.04.01 23:04:26 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.04.01 23:04:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.04.01 22:22:58 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerInstaller.exe
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"IDMan" = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot -- [2012.03.17 10:10:14 | 003,478,936 | ---- | M] (Tonec Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"KiesPDLR" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2012.02.21 22:42:58 | 000,021,416 | ---- | M] ()
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.03 19:54:05 | 000,000,512 | ---- | M] () MD5=4169F3E23004AA94166F58A19EBA4175 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2006.09.21 16:21:18 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2006.09.21 16:21:16 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2006.09.21 16:21:18 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2006.09.21 16:21:16 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2006.09.26 14:04:34 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2006.09.21 16:21:14 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2006.09.27 20:47:30 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2006.09.26 14:04:36 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2006.09.21 16:21:16 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2006.09.27 17:23:02 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2006.09.21 16:21:12 | 000,017,493 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2006.09.21 14:29:28 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2006.09.21 14:29:32 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2006.09.21 14:29:40 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2006.09.21 14:29:28 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2006.09.21 14:29:28 | 000,017,494 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2006.09.21 14:29:38 | 000,017,490 | ---- | M] () -- \HRY\Heroes 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2011.12.22 15:46:01 | 000,175,008 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\materials\ground\asphalt_01_cracked.vtf
[2011.12.22 15:48:27 | 000,002,550 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.dx90.vtx
[2011.12.22 15:48:27 | 000,001,816 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.mdl
[2011.12.22 15:48:27 | 000,001,445 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.phy
[2011.12.22 15:48:27 | 000,011,648 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_a.vvd
[2011.12.22 15:48:27 | 000,002,925 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.dx90.vtx
[2011.12.22 15:48:27 | 000,001,816 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.mdl
[2011.12.22 15:48:27 | 000,001,285 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.phy
[2011.12.22 15:48:27 | 000,013,376 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_b.vvd
[2011.12.22 15:48:27 | 000,003,375 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.dx90.vtx
[2011.12.22 15:48:27 | 000,001,816 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.mdl
[2011.12.22 15:48:27 | 000,001,285 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.phy
[2011.12.22 15:48:27 | 000,015,296 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\police_station\prison_food_01_cracked_c.vvd
[2011.12.22 15:51:16 | 000,014,584 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_01.wav
[2011.12.22 15:51:16 | 000,022,052 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_02.wav
[2011.12.22 15:51:16 | 000,033,374 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_03.wav
[2011.12.22 15:51:16 | 000,021,682 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\hits\neck_crack_04.wav
[2011.12.22 15:51:02 | 000,026,714 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\characters\White_Female\wf_followup_areyouoncrackv1.wav
[2011.12.22 15:51:07 | 000,025,690 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\characters\White_Male\wm_followup_areyouoncrackv1.wav
[2011.12.22 15:51:07 | 000,025,690 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\sound\characters\White_Male\wm_followup_areyouoncrackv2.wav
[2012.01.04 10:21:01 | 4243,357,696 | ---- | M] () -- \INSTALAČKY\Mass Effect 2_CZ + DLC\DVD1 + Crack.iso
[2003.12.05 15:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2006.08.11 14:52:46 | 000,068,698 | R--- | M] () -- \Program Files (x86)\Steinberg\Cubase 5\Track Presets\Audio\Nutcracker Synth Brass.trackpreset
[2006.08.03 13:42:44 | 000,000,799 | R--- | M] () -- \Program Files (x86)\Steinberg\Cubase 5\VST3 Presets\Steinberg Media Technologies\Grungelizer\Vinyl Crackles.vstpreset
[2006.08.03 13:49:42 | 000,003,755 | R--- | M] () -- \Program Files (x86)\Steinberg\Cubase 5\VST3 Presets\Steinberg Media Technologies\StudioChorus\Chipmunks On Crack.vstpreset
[2012.02.04 22:21:07 | 024,591,246 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2011\TuneUp Utilities 2011 v10.0.2011.65 + Crack-Serials [ChattChitto RG].exe
[2012.02.12 04:10:13 | 089,150,446 | ---- | M] () -- \Stahování\Assasins Creed Trilogy CZ + dlc + full hd tapety\Assassins Creed 2+crack,emulator,cestina\crack,emulator,cestina.rar
[2012.01.11 00:34:48 | 000,000,319 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fi.crackedcdn.com%2Ffavicon.png
[2012.01.15 00:12:08 | 000,000,522 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\www.cracked.com.idx
< *keygen* /s >
[2011.12.28 02:23:39 | 000,339,024 | ---- | M] () -- \HRY\Postal.3.Retail [English]\HOW_TO_USE_KEYGEN.png
[2011.12.06 17:26:04 | 000,716,800 | R--- | M] () -- \HRY\Postal.3.Retail [English]\keygen.exe
[2011.12.28 04:27:39 | 000,638,322 | ---- | M] () -- \HRY\Postal.3.Retail [English]\Keygen.rar
[2011.12.27 00:12:09 | 002,896,384 | ---- | M] () -- \INSTALAČKY\L A Noire 2011 (crack patch cz)\L.A.-Noire---KEYGEN.exe
[2012.03.11 02:59:44 | 000,339,024 | ---- | M] () -- \Stahování\Postal III-English\HOW_TO_USE_KEYGEN.png
[2012.03.11 02:59:44 | 000,638,322 | ---- | M] () -- \Stahování\Postal III-English\Postal 3 keygen [backup].rar
[2010.12.26 00:16:52 | 000,070,479 | ---- | M] () -- \Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\keygen.exe
[2011.01.25 05:31:54 | 000,066,336 | ---- | M] () -- \Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\Keygen.rar
[2012.03.16 13:34:59 | 000,021,516 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-F0DADA6E.pf
< *loader* /s >
[2011.09.02 21:08:51 | 000,228,352 | ---- | M] () -- \HRY\Call of Juarez The Cartel\ubiorbitapi_r2_loader.dll
[2011.12.22 15:24:33 | 000,064,352 | ---- | M] () -- \HRY\Postal.3.Retail [English]\bin\physxLoader.dll
[2011.12.22 15:46:15 | 000,000,546 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\materials\models\cars\frontloader_01.vmt
[2011.12.22 15:46:15 | 000,349,784 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\materials\models\cars\frontloader_01.vtf
[2011.12.22 15:47:52 | 000,033,945 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.dx90.vtx
[2011.12.22 15:47:52 | 000,001,720 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.mdl
[2011.12.22 15:47:52 | 000,005,800 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.phy
[2011.12.22 15:47:52 | 000,149,312 | ---- | M] () -- \HRY\Postal.3.Retail [English]\p3\models\cars\frontloader_01.vvd
[2011.03.04 09:47:14 | 000,139,783 | ---- | M] () -- \Minecraft\Alt.loader.jar
[2011.04.15 17:29:28 | 000,000,118 | ---- | M] () -- \Program Files (x86)\Codemasters\DiRT 3\audio\audio_loader.xml
[2009.05.23 03:38:52 | 000,061,952 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2009.05.22 22:27:34 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2003.04.11 15:45:42 | 000,348,160 | ---- | M] () -- \Program Files (x86)\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2010.11.30 01:32:34 | 000,170,288 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.1\Kernelmoduleunloader.exe
[2012.01.07 14:45:19 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.01.07 14:45:19 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.01.07 14:45:19 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.01.07 14:46:40 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.12.12 21:18:16 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.02.16 00:13:33 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2012.02.16 00:13:33 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2012.02.16 00:13:33 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2012.02.16 00:13:33 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2012.02.03 18:47:14 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.02.03 18:50:26 | 000,131,984 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.03.08 19:10:08 | 000,670,208 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.05.31 11:46:24 | 000,685,568 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 19:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2011.09.28 20:59:12 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.09.28 20:59:24 | 000,016,776 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2011.09.28 20:59:58 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program64\WICLoader.exe
[2011.12.22 15:24:33 | 000,064,352 | ---- | M] () -- \Stahování\Postal III-English\Postal.3.Retail [English]\bin\physxLoader.dll
[2011.12.13 18:32:38 | 000,000,880 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\SRDownloader.nast
[2012.04.01 23:04:21 | 000,007,900 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\07WY4D78\bundleloader[1].js
[2012.04.01 22:46:01 | 000,000,723 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OLXQ5TZ\downloaderror[1].js
[2012.04.01 22:46:01 | 000,001,174 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OLXQ5TZ\downloader[1].js
[2012.04.01 22:46:00 | 000,007,900 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJAY100H\bundleloader[1].js
[2012.04.01 23:04:22 | 000,000,723 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJAY100H\downloaderror[1].js
[2012.04.01 23:04:22 | 000,001,174 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJAY100H\downloader[1].js
[2011.12.12 21:14:16 | 000,000,914 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fjdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.png
[2011.12.12 21:14:16 | 000,000,097 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Opera\Opera\icons\jdownloader.org.idx
[1980.01.02 02:00:00 | 000,317,112 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Temp\AIH.74017c85a43cf9a9e936e7e2d62a4f1a9cd30093\downloader.bundle
[2012.03.03 16:56:00 | 000,528,288 | ---- | M] () -- \Users\Cheaterboy\AppData\Local\Temp\AIH.74017c85a43cf9a9e936e7e2d62a4f1a9cd30093\downloader.dll
[2011.12.14 21:10:27 | 000,019,724 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\.minecraft\ModLoader.txt
[2011.12.14 20:14:18 | 000,000,436 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.03.14 13:47:42 | 000,009,051 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.03.14 13:47:42 | 000,016,119 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.03.14 13:47:42 | 000,018,434 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.03.14 13:47:42 | 000,006,553 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2011.11.30 12:27:50 | 000,010,144 | ---- | M] () -- \Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2012.02.17 12:02:43 | 000,001,516 | ---- | M] () -- \Users\Cheaterboy\Desktop\Free Rapid Downloader.lnk
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.11.03 16:47:02 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.11.03 16:47:02 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.11.03 16:47:02 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.11.03 16:47:02 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.11.03 16:47:02 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
Extras.txt
OTL Extras logfile created on: 3.4.2012 19:53:02 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Stahování
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,98 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 73,41% Memory free
15,97 Gb Paging File | 13,55 Gb Available in Paging File | 84,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1855,20 Gb Total Space | 1388,76 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
Drive J: | 660,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: CHEATERBOY-PC | User Name: Cheaterboy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A116A8-E559-488C-879C-B212F3EA963A}" = Far Cry (Patch 1.32 AMD64)
"{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}" = Shutdown Timer
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2304A2EE-010B-43EE-90F8-2218FB93244E}" = Far Cry (AMD64 Exclusive Content Update)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{401E03EC-1644-1B0A-B8D3-C40477ADCEC4}" = AMD Drag and Drop Transcoding
"{463FB535-67FB-17C9-6FD6-164BC60462F6}" = ccc-utility64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A6FE29A0-622B-2763-88AA-D1E084F77CD9}" = AMD Media Foundation Decoders
"{B9609B6D-9532-E0F8-BE41-DFE18BFAEC22}" = AMD AVIVO64 Codecs
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TNod" = TNod User & Password Finder
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1" = Deus Ex - Human Revolution version 1.0
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{189B9ACF-DBA6-4F52-8726-2E11049FB1F7}" = HydraVision
"{1AD22277-7A1E-71EC-B27D-EB7A22BED143}" = DeepBurner Pro v1.9.0.228
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{347151C4-7F16-B275-8865-CC6B64056D3F}" = Catalyst Control Center Graphics Previews Common
"{3C8EC76C-70F1-418F-9106-D3D920879BA3}_is1" = inTone Bass Demo 1.2.2
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{62AEBBB6-8314-7902-B3DA-1690F97DFA74}" = CCC Help English
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC157741-3285-4D6A-B934-9174587A3493}" = Creative MiniDisc Center
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}" = Rayman Origins
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}" = Pinnacle Studio 15 Ultimate Plugins
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F865B0B5-0D43-2704-0B22-35C5F721374B}" = Catalyst Control Center
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}" = Splashtop Connect IE
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acoustica Effects Pack" = Acoustica Effects Pack
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audacity_is1" = Audacity 2.0
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"avast" = avast! Free Antivirus
"BSPlayerp" = BS.Player PRO
"Call of Juarez The Cartel_is1" = Call of Juarez The Cartel
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III Beta" = Diablo III Beta
"EADM" = EA Download Manager
"EAX Unified" = EAX Unified
"FileZilla Client" = FileZilla Client 3.5.2
"FormatFactory" = FormatFactory 2.90
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"Google Chrome" = Google Chrome
"GTA San Andreas Admin Console Release 1.8.2" = GTA San Andreas Admin Console Release 1.8.2
"Halo" = Microsoft Halo
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Internet Download Manager" = Internet Download Manager
"Knoll Light Factory EZ Studio 15" = Knoll Light Factory EZ Studio 15
"Mafia Game" = Mafia Game
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Opera 11.61.1250" = Opera 11.61
"Rage_is1" = Rage
"Red Giant ToonIt Studio 15" = Red Giant ToonIt Studio 15
"Rockstar Games Social Club" = Rockstar Games Social Club
"Scorpions WinCheater 2.07 (s databází 129)_is1" = Scorpions WinCheater
"Serials 64_is1" = Serials 64
"Steam App 102700" = Alliance of Valiant Arms
"Steam App 105600" = Terraria
"Steam App 11020" = TrackMania Nations Forever
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 400" = Portal
"tinc" = Tinc 1.0.16
"Totalcmd" = Total Commander (Remove or Repair)
"UnLock Root" = UnLock Root 2.30
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2012" = QIP 2012 4.0.7102
"QIP Infium" = QIP Infium 3.0.9044
"QipGuard" = QIP Internet Guardian
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 31.3.2012 21:24:41 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.3.2012 21:34:17 | Computer Name = Cheaterboy-PC | Source = CVHSVC | ID = 100
Description = Pouze informace (Patch task for {90140011-0066-0405-0000-0000000FF1CE}):
DownloadLatest Failed: V tuto chvíli není aktivní žádné připojení k síti. Jakmile
bude připojen adaptér, bude Služba inteligentního přenosu na pozadí (BITS) akci
opakovat.
Error - 31.3.2012 22:23:59 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.3.2012 22:33:52 | Computer Name = Cheaterboy-PC | Source = CVHSVC | ID = 100
Description = Pouze informace (Patch task for {90140011-0066-0405-0000-0000000FF1CE}):
DownloadLatest Failed: V tuto chvíli není aktivní žádné připojení k síti. Jakmile
bude připojen adaptér, bude Služba inteligentního přenosu na pozadí (BITS) akci
opakovat.
Error - 1.4.2012 5:33:20 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 6:41:40 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 7:26:09 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 8:24:35 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 14:14:58 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 14:26:40 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 21.3.2012 16:45:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 21.3.2012 18:45:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 21.3.2012 19:45:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 9:57:16 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:05:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:05:58 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:14:51 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:14:54 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:16:17 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 18:16:17 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
< End of report >
OTL Extras logfile created on: 3.4.2012 19:53:02 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Stahování
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,98 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 73,41% Memory free
15,97 Gb Paging File | 13,55 Gb Available in Paging File | 84,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1855,20 Gb Total Space | 1388,76 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
Drive J: | 660,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: CHEATERBOY-PC | User Name: Cheaterboy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A116A8-E559-488C-879C-B212F3EA963A}" = Far Cry (Patch 1.32 AMD64)
"{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}" = Shutdown Timer
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2304A2EE-010B-43EE-90F8-2218FB93244E}" = Far Cry (AMD64 Exclusive Content Update)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{401E03EC-1644-1B0A-B8D3-C40477ADCEC4}" = AMD Drag and Drop Transcoding
"{463FB535-67FB-17C9-6FD6-164BC60462F6}" = ccc-utility64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A6FE29A0-622B-2763-88AA-D1E084F77CD9}" = AMD Media Foundation Decoders
"{B9609B6D-9532-E0F8-BE41-DFE18BFAEC22}" = AMD AVIVO64 Codecs
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TNod" = TNod User & Password Finder
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1" = Deus Ex - Human Revolution version 1.0
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{189B9ACF-DBA6-4F52-8726-2E11049FB1F7}" = HydraVision
"{1AD22277-7A1E-71EC-B27D-EB7A22BED143}" = DeepBurner Pro v1.9.0.228
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{347151C4-7F16-B275-8865-CC6B64056D3F}" = Catalyst Control Center Graphics Previews Common
"{3C8EC76C-70F1-418F-9106-D3D920879BA3}_is1" = inTone Bass Demo 1.2.2
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{62AEBBB6-8314-7902-B3DA-1690F97DFA74}" = CCC Help English
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC157741-3285-4D6A-B934-9174587A3493}" = Creative MiniDisc Center
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}" = Rayman Origins
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}" = Pinnacle Studio 15 Ultimate Plugins
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F865B0B5-0D43-2704-0B22-35C5F721374B}" = Catalyst Control Center
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}" = Splashtop Connect IE
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acoustica Effects Pack" = Acoustica Effects Pack
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audacity_is1" = Audacity 2.0
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"avast" = avast! Free Antivirus
"BSPlayerp" = BS.Player PRO
"Call of Juarez The Cartel_is1" = Call of Juarez The Cartel
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III Beta" = Diablo III Beta
"EADM" = EA Download Manager
"EAX Unified" = EAX Unified
"FileZilla Client" = FileZilla Client 3.5.2
"FormatFactory" = FormatFactory 2.90
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"Google Chrome" = Google Chrome
"GTA San Andreas Admin Console Release 1.8.2" = GTA San Andreas Admin Console Release 1.8.2
"Halo" = Microsoft Halo
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Internet Download Manager" = Internet Download Manager
"Knoll Light Factory EZ Studio 15" = Knoll Light Factory EZ Studio 15
"Mafia Game" = Mafia Game
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Opera 11.61.1250" = Opera 11.61
"Rage_is1" = Rage
"Red Giant ToonIt Studio 15" = Red Giant ToonIt Studio 15
"Rockstar Games Social Club" = Rockstar Games Social Club
"Scorpions WinCheater 2.07 (s databází 129)_is1" = Scorpions WinCheater
"Serials 64_is1" = Serials 64
"Steam App 102700" = Alliance of Valiant Arms
"Steam App 105600" = Terraria
"Steam App 11020" = TrackMania Nations Forever
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 400" = Portal
"tinc" = Tinc 1.0.16
"Totalcmd" = Total Commander (Remove or Repair)
"UnLock Root" = UnLock Root 2.30
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2012" = QIP 2012 4.0.7102
"QIP Infium" = QIP Infium 3.0.9044
"QipGuard" = QIP Internet Guardian
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 31.3.2012 21:24:41 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.3.2012 21:34:17 | Computer Name = Cheaterboy-PC | Source = CVHSVC | ID = 100
Description = Pouze informace (Patch task for {90140011-0066-0405-0000-0000000FF1CE}):
DownloadLatest Failed: V tuto chvíli není aktivní žádné připojení k síti. Jakmile
bude připojen adaptér, bude Služba inteligentního přenosu na pozadí (BITS) akci
opakovat.
Error - 31.3.2012 22:23:59 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.3.2012 22:33:52 | Computer Name = Cheaterboy-PC | Source = CVHSVC | ID = 100
Description = Pouze informace (Patch task for {90140011-0066-0405-0000-0000000FF1CE}):
DownloadLatest Failed: V tuto chvíli není aktivní žádné připojení k síti. Jakmile
bude připojen adaptér, bude Služba inteligentního přenosu na pozadí (BITS) akci
opakovat.
Error - 1.4.2012 5:33:20 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 6:41:40 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 7:26:09 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 8:24:35 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 14:14:58 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
Error - 1.4.2012 14:26:40 | Computer Name = Cheaterboy-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 21.3.2012 16:45:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 21.3.2012 18:45:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 21.3.2012 19:45:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 9:57:16 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:05:47 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:05:58 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:14:51 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:14:54 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 16:16:17 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
Error - 22.3.2012 18:16:17 | Computer Name = Cheaterboy-PC | Source = ipnathlp | ID = 31004
Description =
< End of report >
Re: Prosím o preventivní kontrolu
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B873E4E3-A4E3-4AD3-B41D-2260C55FA722} IE:64bit: - HKLM\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} IE - HKLM\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.atcomp.cz [binary data] IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data] IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.) IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes,DefaultScope = {B873E4E3-A4E3-4AD3-B41D-2260C55FA722} IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{3400811A-5CEC-4f92-9E26-279D0985F342}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{95A85AE3-23E7-409f-9AAD-2E5E38BD7D20}: "URL" = http://www.google.com/cse?cx=partner-pu ... 1509802&q={searchTerms} IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE IE - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH [2011.12.12 20:02:11 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found. O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ] [2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] [1 C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\*.tmp files -> C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\*.tmp -> ] [1 C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\*.tmp files -> C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\*.tmp -> ] [1 C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\*.tmp files -> C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\*.tmp -> ] [1 C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\*.tmp files -> C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\*.tmp -> ] [1 C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\*.tmp files -> C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\*.tmp -> ] [1 C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\*.tmp files -> C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\*.tmp -> ] [1 C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\*.tmp files -> C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\*.tmp -> ] [1 C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\*.tmp files -> C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\*.tmp -> ] [1 C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\*.tmp files -> C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\*.tmp -> ] [1 C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\*.tmp files -> C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\*.tmp -> ] [1 C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\*.tmp files -> C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\*.tmp -> ] [1 C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\*.tmp files -> C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\*.tmp -> ] [1 C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\*.tmp files -> C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\*.tmp -> ] [2012.04.03 19:22:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.03 19:14:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job :services gupdate gupdatem :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AutoKMS"=- "TNOD UP"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative SB Monitoring Utility] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- :files C:\Program Files (x86)\TNod User & Password Finder c:\INSTALAČKY\Mass Effect 2_CZ + DLC\DVD1 + Crack.iso /d c:\Program Files (x86)\TuneUp Utilities 2011\TuneUp Utilities 2011 v10.0.2011.65 + Crack-Serials [ChattChitto RG].exe c:\Stahování\Assasins Creed Trilogy CZ + dlc + full hd tapety\Assassins Creed 2+crack,emulator,cestina\crack,emulator,cestina.rar \HRY\Postal.3.Retail [English]\Keygen.rar c:\INSTALAČKY\L A Noire 2011 (crack patch cz)\L.A.-Noire---KEYGEN.exe c:\Stahování\Postal III-English\HOW_TO_USE_KEYGEN.png c:\Stahování\Postal III-English\Postal 3 keygen [backup].rar c:\Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\keygen.exe c:\Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\Keygen.rar c:\Windows\Prefetch\KEYGEN.EXE-F0DADA6E.pf %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Cheaterboy
- Návštěvník
- Příspěvky: 51
- Registrován: 09 dub 2008 20:47
Re: Prosím o preventivní kontrolu
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ not found.
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}\ deleted successfully.
C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3400811A-5CEC-4f92-9E26-279D0985F342}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3400811A-5CEC-4f92-9E26-279D0985F342}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95A85AE3-23E7-409f-9AAD-2E5E38BD7D20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95A85AE3-23E7-409f-9AAD-2E5E38BD7D20}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ not found.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
File move failed. C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll scheduled to be moved on reboot.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS deleted successfully.
C:\Windows\AutoKMS.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\System32\tmp9B35.tmp deleted successfully.
C:\Windows\System32\tmp9B84.tmp deleted successfully.
C:\Windows\Temp\CR_ED820.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_ED820.tmp folder deleted successfully.
C:\Windows\Temp\HTT7CDB.tmp deleted successfully.
C:\Windows\Temp\HTTC136.tmp deleted successfully.
C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\fpb.tmp deleted successfully.
C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\fpb.tmp deleted successfully.
C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\fpb.tmp deleted successfully.
C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\fpb.tmp deleted successfully.
C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\fpb.tmp deleted successfully.
C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\fpb.tmp deleted successfully.
C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\fpb.tmp deleted successfully.
C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\fpb.tmp deleted successfully.
C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\fpb.tmp deleted successfully.
C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\fpb.tmp deleted successfully.
C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\fpb.tmp deleted successfully.
C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\fpb.tmp deleted successfully.
C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\fpb.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TNOD UP not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative SB Monitoring Utility\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
C:\Program Files (x86)\TNod User & Password Finder folder moved successfully.
c:\INSTALAČKY\Mass Effect 2_CZ + DLC\DVD1 + Crack.iso deleted successfully.
c:\Program Files (x86)\TuneUp Utilities 2011\TuneUp Utilities 2011 v10.0.2011.65 + Crack-Serials [ChattChitto RG].exe moved successfully.
c:\Stahování\Assasins Creed Trilogy CZ + dlc + full hd tapety\Assassins Creed 2+crack,emulator,cestina\crack,emulator,cestina.rar moved successfully.
File move failed. \HRY\Postal.3.Retail [English]\Keygen.rar scheduled to be moved on reboot.
c:\INSTALAČKY\L A Noire 2011 (crack patch cz)\L.A.-Noire---KEYGEN.exe moved successfully.
c:\Stahování\Postal III-English\HOW_TO_USE_KEYGEN.png moved successfully.
c:\Stahování\Postal III-English\Postal 3 keygen [backup].rar moved successfully.
c:\Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\keygen.exe moved successfully.
c:\Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\Keygen.rar moved successfully.
c:\Windows\Prefetch\KEYGEN.EXE-F0DADA6E.pf moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Cheaterboy
->Temp folder emptied: 90483585 bytes
->Temporary Internet Files folder emptied: 9144840 bytes
->Java cache emptied: 31263 bytes
->Google Chrome cache emptied: 13911772 bytes
->Opera cache emptied: 1461673338 bytes
->Flash cache emptied: 10901 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30469156 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68045 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 531,00 mb
[EMPTYFLASH]
User: All Users
User: Cheaterboy
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.39.2 log created on 04062012_231544
Files\Folders moved on Reboot...
File move failed. C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll scheduled to be moved on reboot.
File move failed. \HRY\Postal.3.Retail [English]\Keygen.rar scheduled to be moved on reboot.
C:\Users\Cheaterboy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ not found.
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1888276911-1174949287-1229178209-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}\ deleted successfully.
C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3400811A-5CEC-4f92-9E26-279D0985F342}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3400811A-5CEC-4f92-9E26-279D0985F342}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95A85AE3-23E7-409f-9AAD-2E5E38BD7D20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95A85AE3-23E7-409f-9AAD-2E5E38BD7D20}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B873E4E3-A4E3-4AD3-B41D-2260C55FA722}\ not found.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Users\Cheaterboy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\Cheaterboy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
File move failed. C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll scheduled to be moved on reboot.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS deleted successfully.
C:\Windows\AutoKMS.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\System32\tmp9B35.tmp deleted successfully.
C:\Windows\System32\tmp9B84.tmp deleted successfully.
C:\Windows\Temp\CR_ED820.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_ED820.tmp folder deleted successfully.
C:\Windows\Temp\HTT7CDB.tmp deleted successfully.
C:\Windows\Temp\HTTC136.tmp deleted successfully.
C:\Windows\Temp\{50736180-D6FC-41FC-9105-3A1D51FE8FFC}\fpb.tmp deleted successfully.
C:\Windows\Temp\{5D89FA20-8B79-4BA6-B793-82D7CFDB8F85}\fpb.tmp deleted successfully.
C:\Windows\Temp\{61A81E25-D0A2-48FD-B3BE-F566118C088E}\fpb.tmp deleted successfully.
C:\Windows\Temp\{71BA7A3A-3CC3-48E0-86EC-94C5C5C5ACEB}\fpb.tmp deleted successfully.
C:\Windows\Temp\{9F5EF9B7-A837-4521-969B-AF159A2E2FDD}\fpb.tmp deleted successfully.
C:\Windows\Temp\{BFC50BB5-8E77-425F-8805-918C3ED38EAE}\fpb.tmp deleted successfully.
C:\Windows\Temp\{C1D57B90-CB51-4E67-A75B-36FE3ED5A9E9}\fpb.tmp deleted successfully.
C:\Windows\Temp\{D0AC5217-E921-4558-A6F4-E05403622166}\fpb.tmp deleted successfully.
C:\Windows\Temp\{D2BDA99F-90BD-4532-95DD-C01BFF007500}\fpb.tmp deleted successfully.
C:\Windows\Temp\{D4A01921-91EE-4014-8558-1B87053BAFE2}\fpb.tmp deleted successfully.
C:\Windows\Temp\{E9CA11D1-37AC-412D-BDE8-E363438633B9}\fpb.tmp deleted successfully.
C:\Windows\Temp\{EBA074D1-0FF2-4245-BB40-5F87190BDB16}\fpb.tmp deleted successfully.
C:\Windows\Temp\{F2903163-3C0C-4F7D-BEA3-3E18E051CC1C}\fpb.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TNOD UP not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative SB Monitoring Utility\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
C:\Program Files (x86)\TNod User & Password Finder folder moved successfully.
c:\INSTALAČKY\Mass Effect 2_CZ + DLC\DVD1 + Crack.iso deleted successfully.
c:\Program Files (x86)\TuneUp Utilities 2011\TuneUp Utilities 2011 v10.0.2011.65 + Crack-Serials [ChattChitto RG].exe moved successfully.
c:\Stahování\Assasins Creed Trilogy CZ + dlc + full hd tapety\Assassins Creed 2+crack,emulator,cestina\crack,emulator,cestina.rar moved successfully.
File move failed. \HRY\Postal.3.Retail [English]\Keygen.rar scheduled to be moved on reboot.
c:\INSTALAČKY\L A Noire 2011 (crack patch cz)\L.A.-Noire---KEYGEN.exe moved successfully.
c:\Stahování\Postal III-English\HOW_TO_USE_KEYGEN.png moved successfully.
c:\Stahování\Postal III-English\Postal 3 keygen [backup].rar moved successfully.
c:\Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\keygen.exe moved successfully.
c:\Users\Cheaterboy\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Keygen\Keygen.rar moved successfully.
c:\Windows\Prefetch\KEYGEN.EXE-F0DADA6E.pf moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Cheaterboy
->Temp folder emptied: 90483585 bytes
->Temporary Internet Files folder emptied: 9144840 bytes
->Java cache emptied: 31263 bytes
->Google Chrome cache emptied: 13911772 bytes
->Opera cache emptied: 1461673338 bytes
->Flash cache emptied: 10901 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30469156 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68045 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 531,00 mb
[EMPTYFLASH]
User: All Users
User: Cheaterboy
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.39.2 log created on 04062012_231544
Files\Folders moved on Reboot...
File move failed. C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll scheduled to be moved on reboot.
File move failed. \HRY\Postal.3.Retail [English]\Keygen.rar scheduled to be moved on reboot.
C:\Users\Cheaterboy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Přispějete na provoz fóra?