Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Babylon, jak se ho zbavit

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
hippous
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 14 dub 2012 14:32

Babylon, jak se ho zbavit

#1 Příspěvek od hippous »

Ahoj, nedávno jsem si omylem nainstaloval tento vyhledávač či co to je, a nevím jak se toho zbavit. Můžete mi prosim poradit co s tim?
Děkuji za odpověď.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Misanek at 2012-04-14 16:02:22
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 14 GB (36%) free of 40 GB
Total RAM: 2046 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:02:50, on 14.4.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\QIP\qip.exe
C:\totalcmd\TOTALCMD.EXE
D:\Downloads\RSIT.exe
C:\Program Files\trend micro\Misanek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=111361&ba ... 1d7da304bd
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TheBflix - {E77B2837-D38B-44C7-BF44-C8D410BBD83D} - C:\ProgramData\TheBflix\bhoclass.dll
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

--
End of file - 5516 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Misanek\AppData\Roaming\Mozilla\Firefox\Profiles\tctv3jlh.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/ig?hl=cs"
prefs.js - "extensions.enabledItems" - "{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\ProgramData\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Misanek\AppData\Roaming\Mozilla\Firefox\Profiles\tctv3jlh.default\extensions\
info@bflix.info

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E77B2837-D38B-44C7-BF44-C8D410BBD83D}]
TheBflix Class - C:\ProgramData\TheBflix\bhoclass.dll [2012-03-06 141312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vmware-tray"=C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2009-10-22 129584]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-11 98304]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-08 8120864]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe [2011-10-31 247968]

C:\Users\Misanek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.VMnc"=vmnc.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-04-14 16:02:22 ----D---- C:\rsit
2012-04-14 16:02:22 ----D---- C:\Program Files\trend micro
2012-03-31 12:57:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-03-31 12:57:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-31 12:57:27 ----A---- C:\Windows\system32\DWrite.dll
2012-03-31 12:57:25 ----A---- C:\Windows\system32\win32k.sys
2012-03-31 12:57:23 ----A---- C:\Windows\system32\rdpcorets.dll
2012-03-31 12:57:23 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-31 12:57:22 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-31 12:57:22 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-31 12:57:04 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-31 12:57:04 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-31 12:57:03 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-22 21:12:12 ----A---- C:\Windows\system32\GPhotos.scr
2012-03-19 17:34:54 ----D---- C:\Users\Misanek\AppData\Roaming\NeatImage PS 32

======List of files/folders modified in the last 1 month======

2012-04-14 16:02:34 ----D---- C:\Windows\Prefetch
2012-04-14 16:02:22 ----RD---- C:\Program Files
2012-04-14 16:00:30 ----D---- C:\Windows\Temp
2012-04-14 13:56:25 ----SHD---- C:\Windows\Installer
2012-04-14 13:56:24 ----D---- C:\ProgramData\Microsoft Help
2012-04-14 13:56:07 ----D---- C:\Windows\winsxs
2012-04-14 13:56:05 ----D---- C:\Windows\system32\catroot
2012-04-14 13:56:04 ----D---- C:\Windows\system32\catroot2
2012-04-14 13:55:29 ----D---- C:\Windows\System32
2012-04-14 13:49:51 ----D---- C:\Windows\debug
2012-04-14 13:49:50 ----A---- C:\Windows\system32\MRT.exe
2012-04-14 13:47:46 ----D---- C:\Windows\inf
2012-04-14 13:47:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-14 13:46:45 ----D---- C:\Windows\system32\config
2012-04-14 13:43:33 ----D---- C:\ProgramData\VMware
2012-04-12 20:16:49 ----D---- C:\Users\Misanek\AppData\Roaming\VMware
2012-04-12 19:08:51 ----D---- C:\Windows
2012-04-12 19:02:35 ----D---- C:\Windows\Minidump
2012-04-07 14:47:18 ----D---- C:\Users\Misanek\AppData\Roaming\Winamp
2012-04-07 14:43:31 ----D---- C:\Program Files\CCleaner
2012-04-06 15:53:02 ----RSD---- C:\Windows\assembly
2012-04-06 15:53:02 ----D---- C:\Windows\Microsoft.NET
2012-04-01 01:29:00 ----D---- C:\Windows\system32\drivers
2012-03-30 23:21:47 ----A---- C:\Windows\LIMIT-SETTING.INI
2012-03-30 23:21:47 ----A---- C:\Windows\ESTIMATE-SETTING.INI
2012-03-30 23:21:47 ----A---- C:\Windows\ALIGN-SETTING.INI
2012-03-30 23:01:22 ----A---- C:\Windows\MRU.ini
2012-03-23 22:32:50 ----D---- C:\Users\Misanek\AppData\Roaming\uTorrent
2012-03-23 20:27:34 ----D---- C:\Windows\system32\cs-CZ
2012-03-23 20:25:48 ----D---- C:\Windows\system32\en-US
2012-03-23 20:25:46 ----D---- C:\Program Files\Microsoft.NET
2012-03-19 13:52:32 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-02 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2009-10-22 32304]
R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2009-10-22 70704]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2009-10-22 36400]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2009-10-22 26288]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2009-10-22 853936]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [2009-10-12 22448]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-04 214016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-12-08 2975776]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2009-10-22 23216]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2009-10-22 16560]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 VMparport;VMware VMparport; \??\C:\Windows\system32\Drivers\VMparport.sys [2009-10-22 14896]
S3 ae9ng8u9;ae9ng8u9; C:\Windows\system32\drivers\ae9ng8u9.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Misanek\AppData\Local\Temp\JMR459D.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\plugins\UI\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-05-08 17480]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-08-16 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-08-16 11104]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2009-10-22 31280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-04 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-12 75064]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2009-10-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2009-10-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2009-10-22 395824]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-11-13 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2009-10-12 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Babylon, jak se ho zbavit

#2 Příspěvek od Márty84 »

Zdravim :)

Doufam, ze ten Windows 7 Ultimate mate legalni. Neni to zrovna bezna domaci verze :?:

Jestli nepujde odinstalovat ani pomoci CCleaneru, bude se muset odpalit nasilim.

Udelejte sken s OTL

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
hippous
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 14 dub 2012 14:32

Re: Babylon, jak se ho zbavit

#3 Příspěvek od hippous »

Zdravim, prikladam dva logy z OTL. Abych rekl pravdu pravosti Windows si nejsem uplne jist, protoze ja jsem je neinstaloval.

OTL logfile created on: 16.4.2012 14:28:23 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = D:\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 61,87% Memory free
4,00 Gb Paging File | 2,94 Gb Available in Paging File | 73,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,31 Gb Total Space | 14,03 Gb Free Space | 35,70% Space Free | Partition Type: NTFS
Drive D: | 193,57 Gb Total Space | 13,21 Gb Free Space | 6,83% Space Free | Partition Type: NTFS

Computer Name: MISANEK-PC | User Name: Misanek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.16 14:25:47 | 000,593,920 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2012.03.19 13:52:32 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.08.04 03:51:36 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.08.04 03:51:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.10.22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2009.10.22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2009.10.22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2009.10.22 05:59:24 | 000,129,584 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
PRC - [2009.10.22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2009.09.24 08:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2009.08.13 12:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe


========== Modules (No Company Name) ==========

MOD - [2012.03.31 13:11:13 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012.03.31 13:11:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012.03.31 13:11:02 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012.03.31 13:10:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012.03.31 13:10:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012.03.31 13:10:32 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012.03.31 13:10:30 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012.03.31 13:10:24 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012.03.19 13:52:32 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.10.31 13:27:21 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.01.30 19:24:37 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3632.28368__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010.01.30 19:24:36 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3632.28389__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:36 | 000,692,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3632.28307__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:36 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3632.28345__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:36 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3632.28218__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:36 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3632.28326__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:36 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3632.28245__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:36 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3632.28319__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:36 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3632.28229__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:36 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3632.28290__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:36 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3632.28277__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3632.28238__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3632.28229__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:36 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3632.28362__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010.01.30 19:24:36 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3632.28362__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010.01.30 19:24:36 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3632.28362__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010.01.30 19:24:35 | 000,651,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3632.28360__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:35 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3632.28298__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:35 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3632.28299__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:35 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3632.28359__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:35 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3632.28346__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:35 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3632.28298__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:35 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3632.28389__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:34 | 001,290,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3632.28384__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3632.28280__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,749,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3632.28321__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3632.28293__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3632.28247__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3632.28312__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.01.30 19:24:34 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3632.28279__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3632.28273__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3632.28246__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3632.28279__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:34 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3632.28287__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:34 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3632.28278__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3632.28286__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3632.28252__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:34 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3632.28288__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:33 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.01.30 19:24:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3632.28279__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.01.30 19:24:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3621.42212__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.01.30 19:24:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3621.42210__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.01.30 19:24:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3621.42227__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.01.30 19:24:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3621.42278__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.01.30 19:24:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3621.42271__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.01.30 19:24:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3621.42225__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.01.30 19:24:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3621.42271__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.01.30 19:24:33 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.01.30 19:24:32 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3621.42202__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3621.42196__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.01.30 19:24:32 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3621.42274__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3621.42246__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.01.30 19:24:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3621.42267__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3621.42190__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.01.30 19:24:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3621.42192__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.01.30 19:24:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3621.42329__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.01.30 19:24:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3621.42213__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2010.01.30 19:24:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3621.42217__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3621.42209__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3621.42268__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3621.42223__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.01.30 19:24:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.01.30 19:24:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3621.42228__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.01.30 19:24:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.01.30 19:24:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3621.42211__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3621.42240__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.01.30 19:24:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3621.42221__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3632.28338__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.01.30 19:24:31 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3632.28336__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.01.30 19:24:31 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3621.42247__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3621.42226__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3621.42226__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3621.42243__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3632.28353__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.01.30 19:24:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3621.42205__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.01.30 19:24:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3621.42214__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3621.42224__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3621.42192__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.01.30 19:24:31 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3621.42241__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3621.42229__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3621.42211__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3621.42221__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.01.30 19:24:31 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3621.42244__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3621.42200__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.01.30 19:24:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3621.42221__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.01.30 19:24:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3621.42226__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3621.42225__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.01.30 19:24:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3621.42213__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.01.30 19:24:31 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3632.28212__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.01.30 19:24:30 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3632.28224__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.01.30 19:24:30 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3632.28237__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.01.30 19:24:30 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3632.28215__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.01.30 19:24:30 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3632.28215__90ba9c70f846762e\APM.Server.dll
MOD - [2010.01.30 19:24:30 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3632.28217__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.01.30 19:24:30 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3621.42219__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.01.30 19:24:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3621.42217__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.01.30 19:24:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.01.30 19:24:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3621.42221__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.01.30 19:24:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3621.42249__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.01.30 19:24:30 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3632.28338__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.01.30 19:24:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3632.28213__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.07.14 18:14:30 | 000,061,440 | ---- | M] () -- C:\Program Files\QIP\Plugins\docking.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.08.04 03:51:10 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.10.22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2009.10.22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2009.10.22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009.10.22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2009.10.12 15:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\plugins\UI\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Misanek\AppData\Local\Temp\JMR459D.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ar1z7inv)
DRV - [2012.04.16 14:02:18 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{727D9753-AC57-4413-AC09-5C64CA772FAB}\MpKsl18f0706b.sys -- (MpKsl18f0706b)
DRV - [2012.01.02 23:33:34 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011.04.27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.16 16:31:08 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2010.08.16 16:31:06 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2010.08.04 04:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.08.04 04:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.08.04 03:15:28 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.05.08 17:40:36 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.10.22 06:00:46 | 000,853,936 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2009.10.22 06:00:44 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2009.10.22 06:00:44 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2009.10.22 06:00:44 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2009.10.22 05:59:48 | 000,014,896 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmparport.sys -- (VMparport)
DRV - [2009.10.22 04:47:52 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2009.10.22 01:13:36 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV - [2009.10.22 01:13:32 | 000,036,400 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2009.10.22 01:13:32 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2009.10.12 15:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=111361&ba ... 1d7da304bd
IE - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 2E D0 89 2C 3B CB 01 [binary data]
IE - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 1d7da304bd
IE - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/ig?hl=cs"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.03.26 15:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.19 13:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.11 22:45:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.03.26 15:01:41 | 000,000,000 | ---D | M]

[2010.01.30 15:51:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Misanek\AppData\Roaming\Mozilla\Extensions
[2012.03.11 12:27:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Misanek\AppData\Roaming\Mozilla\Firefox\Profiles\tctv3jlh.default\extensions
[2012.03.11 12:27:21 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Misanek\AppData\Roaming\Mozilla\Firefox\Profiles\tctv3jlh.default\extensions\info@bflix.info
[2012.03.19 13:52:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.03.19 13:52:32 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.10 13:22:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.05.25 18:09:48 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.08.22 11:14:43 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.22 11:14:43 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.08 13:01:09 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.08.22 11:14:42 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.22 11:14:42 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.22 11:14:42 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (TheBflix Class) - {E77B2837-D38B-44C7-BF44-C8D410BBD83D} - C:\ProgramData\TheBflix\bhoclass.dll (Injector)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Misanek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4175658864-2755385545-3375998122-1001\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.153.117.1 62.141.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CEFFF7F-04DD-48A7-9828-F1CFE2C4FEA9}: DhcpNameServer = 93.153.117.1 62.141.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ce1e6cb1-0da7-11df-8240-001d7da304bd}\Shell - "" = AutoRun
O33 - MountPoints2\{ce1e6cb1-0da7-11df-8240-001d7da304bd}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.04.14 16:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.04.14 16:02:22 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.14 13:55:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.14 13:55:58 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.14 13:55:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.14 13:55:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.14 13:55:56 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.14 13:55:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.14 13:49:30 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.14 13:49:30 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.03.31 12:57:27 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.31 12:57:25 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.31 12:57:23 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012.03.31 12:57:23 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.03.31 12:57:04 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.03.31 12:57:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.03.31 12:57:03 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.03.30 18:49:57 | 000,000,000 | ---D | C] -- C:\Users\Misanek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegiStax 6
[2012.03.23 21:06:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Image
[2012.03.23 20:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
[2012.03.22 21:12:12 | 004,435,968 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2012.03.19 17:34:54 | 000,000,000 | ---D | C] -- C:\Users\Misanek\AppData\Roaming\NeatImage PS 32
[2012.03.19 17:34:54 | 000,000,000 | ---D | C] -- D:\Dokumenty\Neat Image for Photoshop

========== Files - Modified Within 30 Days ==========

[2012.04.16 14:30:13 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.16 13:39:48 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.16 13:39:48 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.16 13:29:04 | 000,635,838 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.04.16 13:29:04 | 000,620,594 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.16 13:29:04 | 000,123,918 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.04.16 13:29:04 | 000,108,400 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.16 13:24:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.16 13:24:21 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.08 15:19:37 | 000,020,480 | ---- | M] () -- C:\Users\Misanek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.07 14:43:31 | 000,000,969 | ---- | M] () -- C:\Users\Misanek\Desktop\CCleaner.lnk
[2012.04.01 11:39:02 | 000,339,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.30 23:21:47 | 000,000,160 | ---- | M] () -- C:\Windows\ALIGN-SETTING.INI
[2012.03.30 23:21:47 | 000,000,148 | ---- | M] () -- C:\Windows\ESTIMATE-SETTING.INI
[2012.03.30 23:21:47 | 000,000,107 | ---- | M] () -- C:\Windows\LIMIT-SETTING.INI
[2012.03.30 23:01:22 | 000,000,401 | ---- | M] () -- C:\Windows\MRU.ini
[2012.03.30 18:50:56 | 000,000,704 | ---- | M] () -- C:\Users\Misanek\Desktop\RegiStax 6.lnk
[2012.03.23 21:06:03 | 000,000,646 | ---- | M] () -- C:\Users\Misanek\Desktop\Neat Image.lnk
[2012.03.22 21:12:12 | 004,435,968 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr

========== Files Created - No Company Name ==========

[2012.04.16 14:30:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.08 15:02:49 | 001,521,806 | ---- | C] () -- C:\Users\Misanek\Desktop\01072007-194711.jpg
[2012.04.07 14:43:31 | 000,000,969 | ---- | C] () -- C:\Users\Misanek\Desktop\CCleaner.lnk
[2012.03.30 18:49:58 | 000,000,704 | ---- | C] () -- C:\Users\Misanek\Desktop\RegiStax 6.lnk
[2012.03.23 21:06:03 | 000,000,646 | ---- | C] () -- C:\Users\Misanek\Desktop\Neat Image.lnk
[2012.03.11 13:23:35 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2012.01.01 17:32:23 | 000,000,043 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2011.08.01 16:15:54 | 000,000,266 | ---- | C] () -- C:\Users\Misanek\AppData\Roaming\OpenSceneryX Installer.plist
[2011.07.12 22:49:34 | 000,000,080 | ---- | C] () -- C:\Users\Misanek\AppData\Local\X-Plane Installer.prf
[2011.05.10 13:55:23 | 000,000,160 | ---- | C] () -- C:\Windows\ALIGN-SETTING.INI
[2011.05.10 13:55:23 | 000,000,148 | ---- | C] () -- C:\Windows\ESTIMATE-SETTING.INI
[2011.05.10 13:55:23 | 000,000,107 | ---- | C] () -- C:\Windows\LIMIT-SETTING.INI
[2011.05.09 20:59:41 | 000,000,401 | ---- | C] () -- C:\Windows\MRU.ini
[2011.03.05 14:47:14 | 000,725,064 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2011.03.05 14:47:14 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2011.03.05 14:47:02 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2011.03.05 11:39:19 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.03.05 11:37:23 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010.08.03 16:49:55 | 000,046,715 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.06.16 15:22:56 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.06.16 00:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.06.12 00:44:33 | 000,139,336 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.06.12 00:19:40 | 000,214,720 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.06.12 00:19:28 | 002,373,712 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010.06.12 00:19:28 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.04.23 18:35:39 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin

========== LOP Check ==========

[2012.03.11 12:27:08 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Babylon
[2012.03.11 13:16:24 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Braid
[2010.10.11 22:49:20 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Canneverbe Limited
[2010.04.16 21:40:29 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Canon
[2010.01.30 16:04:31 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\DAEMON Tools Lite
[2010.01.30 18:03:51 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Foxit
[2010.08.02 21:11:36 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Foxit Software
[2010.01.30 15:37:41 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\GHISLER
[2011.01.31 15:19:00 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\gtk-2.0
[2012.01.02 19:36:30 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\LangSoft
[2010.09.29 23:56:35 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Leadertech
[2012.03.19 17:34:54 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\NeatImage PS 32
[2010.07.03 10:24:28 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Nokia
[2010.07.03 10:24:29 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Nokia Ovi Suite
[2010.08.24 14:00:17 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\PC Suite
[2010.08.03 12:16:27 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\PLANStudio Setup
[2010.02.06 23:35:47 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\skychart
[2010.02.03 22:36:04 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Stellarium
[2011.04.16 23:07:48 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\StreamTorrent
[2011.02.19 21:38:37 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\TeamViewer
[2010.04.12 14:56:00 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Teeworlds
[2012.03.23 22:32:50 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\uTorrent
[2010.05.18 14:22:25 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\VitySoft
[2011.05.11 23:17:51 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\wargaming.net
[2012.02.13 13:31:08 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========
Nahoru
hippous
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 14 dub 2012 14:32

Re: Babylon, jak se ho zbavit

#4 Příspěvek od hippous »

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\System32\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.11.17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010.04.09 09:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010.04.09 09:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.13 23:30:20 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Adobe
[2010.04.16 20:37:40 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\ArcSoft
[2010.01.30 19:24:39 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\ATI
[2012.03.11 12:27:08 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Babylon
[2012.03.11 13:16:24 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Braid
[2010.10.11 22:49:20 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Canneverbe Limited
[2010.04.16 21:40:29 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Canon
[2010.01.30 16:04:31 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\DAEMON Tools Lite
[2011.11.12 23:47:19 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\dvdcss
[2010.01.30 18:55:29 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\FastStone
[2010.01.30 18:03:51 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Foxit
[2010.08.02 21:11:36 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Foxit Software
[2010.01.30 15:37:41 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\GHISLER
[2010.10.10 00:11:21 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Google
[2011.01.31 15:19:00 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\gtk-2.0
[2010.05.09 01:25:32 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Hamachi
[2010.01.30 13:43:44 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Identities
[2012.01.02 19:36:30 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\LangSoft
[2010.09.29 23:56:35 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Leadertech
[2010.01.30 15:53:14 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Macromedia
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Media Center Programs
[2012.01.02 22:50:08 | 000,000,000 | --SD | M] -- C:\Users\Misanek\AppData\Roaming\Microsoft
[2010.01.30 15:51:28 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Mozilla
[2012.03.19 17:34:54 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\NeatImage PS 32
[2010.07.03 10:24:28 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Nokia
[2010.07.03 10:24:29 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Nokia Ovi Suite
[2010.08.24 14:00:17 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\PC Suite
[2010.08.03 12:16:27 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\PLANStudio Setup
[2011.04.09 17:07:45 | 000,000,000 | RH-D | M] -- C:\Users\Misanek\AppData\Roaming\SecuROM
[2010.02.06 23:35:47 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\skychart
[2011.09.30 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Skype
[2010.02.03 22:36:04 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Stellarium
[2011.04.16 23:07:48 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\StreamTorrent
[2011.02.19 21:38:37 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\TeamViewer
[2010.04.12 14:56:00 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Teeworlds
[2012.03.23 22:32:50 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\uTorrent
[2010.05.18 14:22:25 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\VitySoft
[2011.07.14 11:41:45 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\vlc
[2012.04.15 19:53:27 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\VMware
[2011.05.11 23:17:51 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\wargaming.net
[2012.04.15 01:31:40 | 000,000,000 | ---D | M] -- C:\Users\Misanek\AppData\Roaming\Winamp

< %APPDATA%\*.exe /s >
[2010.06.22 21:52:38 | 069,214,784 | ---- | M] () -- C:\Users\Misanek\AppData\Roaming\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
[2010.01.30 21:38:52 | 000,697,965 | ---- | M] () -- C:\Users\Misanek\AppData\Roaming\uTorrent\unins000.exe
[2011.04.09 14:57:32 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Misanek\AppData\Roaming\uTorrent\utorrent.exe
[5 C:\Users\Misanek\AppData\Roaming\uTorrent\*.tmp files -> C:\Users\Misanek\AppData\Roaming\uTorrent\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.01.02 23:33:34 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.04.16 13:39:48 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.16 13:39:48 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.14 13:49:50 | 055,154,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
[2012.04.16 13:29:04 | 000,123,918 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.04.16 13:29:04 | 000,108,400 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.04.16 13:29:04 | 000,635,838 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.04.16 13:29:04 | 000,620,594 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.04.16 13:29:04 | 001,484,708 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.16 14:30:13 | 000,000,512 | ---- | M] () MD5=7CE599ED5BA01C91F1DEC64450BE3AED -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.02.19 23:13:34 | 003,114,151 | ---- | M] () -- \Downloads\2011_Real_Football_HD_Samsung_GTi9000_Galaxy_S_android_Crackfix_Twingo.apk
[2011.02.19 22:59:12 | 003,116,156 | ---- | M] () -- \Downloads\2011_Real_Football_HD_Samsung_GTi9000_Galaxy_S_android_v3.1.5_Cracked_Twingo.apk
[2008.09.07 13:54:42 | 000,092,359 | ---- | M] () -- \Downloads\arble.Maze.v1.60.4.S60v3.SymbianOS9Cracked-Foolman.rar
[2008.09.23 22:20:54 | 000,102,052 | ---- | M] () -- \Downloads\Cahoona.Games.MarbleMaze.v1.60.4.S60v3.SymbianOS9.1.Cracked-BiNPDA.rar
[2010.08.26 14:06:30 | 024,591,859 | ---- | M] () -- \Downloads\Mafia2-Crack-SKIDROW-Pahyl.of.BonGo.rar
[2009.05.03 11:46:58 | 000,881,575 | ---- | M] () -- \Downloads\Windows.Genuine.Advantage.Validation.v1.9.9.1.CRACKED.rar
[2010.08.27 01:30:44 | 016,400,819 | ---- | M] () -- \Downloads\DLC+Crack\CRACKFIX-SKIDROW.rar
[2007.10.10 15:34:00 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2007.10.10 15:34:00 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2007.10.10 15:34:02 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2007.10.10 15:34:02 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2007.10.10 15:34:02 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2007.10.10 15:34:00 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2007.10.10 15:34:00 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2007.10.10 15:34:02 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2007.10.10 15:33:58 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2007.10.10 15:33:58 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2007.10.10 15:34:00 | 000,017,493 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2007.10.10 15:33:32 | 000,017,494 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2007.10.10 15:33:34 | 000,017,494 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2007.10.10 15:33:32 | 000,017,494 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2007.10.10 15:33:34 | 000,017,494 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2007.10.10 15:33:32 | 000,017,494 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2007.10.10 15:33:32 | 000,017,490 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2007.06.13 15:10:44 | 000,017,491 | ---- | M] () -- \Games\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapTile\MapObjects\_(AdvMapTile)\Sand\Sand_Cracked

< *keygen* /s >
[2011.01.31 14:08:29 | 000,190,976 | ---- | M] () -- \Downloads\Adobe Photoshop CS2\KeyGen.exe
[2009.10.06 19:29:40 | 000,204,800 | ---- | M] () -- \Downloads\Sony Vegas Pro v9.0b Build 772-Digital Insanity[H33T][Frapmat212]\Keygen.exe
[2006.01.11 18:38:48 | 000,001,643 | ---- | M] () -- \Install\soft\PowerArchiver 2004 9.02.01\Keygen\PowerArchiver.2004.v9.02.01.Keygen.zip

< *loader* /s >
[2010.01.30 12:56:17 | 001,224,010 | ---- | M] () -- \Downloads\Windows 7 Loader v1.7.7r.zip
[2009.07.30 14:56:08 | 000,004,052 | ---- | M] () -- \Downloads\Joomla_1.5.14-Stable-Full_Package\libraries\loader.php
[2009.07.30 14:56:20 | 000,000,584 | ---- | M] () -- \Downloads\Joomla_1.5.14-Stable-Full_Package\media\system\images\mootree_loader.gif
[2009.07.30 14:56:20 | 000,008,747 | ---- | M] () -- \Downloads\Joomla_1.5.14-Stable-Full_Package\media\system\js\uploader.js
[2009.07.30 14:56:20 | 000,001,615 | ---- | M] () -- \Downloads\Joomla_1.5.14-Stable-Full_Package\media\system\swf\uploader.swf
[2009.11.21 01:16:58 | 002,341,242 | ---- | M] () -- \Downloads\Windows 7 Loader\Windows 7 Loader.exe
[2009.11.20 21:26:16 | 000,004,113 | ---- | M] () -- \Downloads\Windows 7 Loader\Notes\Loader changelog.txt
[2010.01.30 20:09:44 | 000,071,952 | ---- | M] () -- \Downloads\Windows 98 SE\tools\RESKIT\SLOADER.EXE
[2010.01.30 20:09:44 | 000,001,268 | ---- | M] () -- \Downloads\Windows 98 SE\tools\RESKIT\SLOADER.LST
[2010.08.24 17:23:59 | 000,071,008 | ---- | M] () -- \Games\2K Games\Mafia 2\pc\PhysXLoader.dll
[2010.12.22 00:46:42 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2010.12.22 00:04:56 | 000,039,683 | ---- | M] () -- \Games\World_of_Tanks\res\gui\flash\ammunitionReloader.swf
[2010.12.22 00:05:02 | 000,006,384 | ---- | M] () -- \Games\World_of_Tanks\res\gui\flash\loader.swf
[2010.12.22 00:47:26 | 000,025,296 | ---- | M] () -- \Games\World_of_Tanks\res\gui\flash\ShellLoaderForm.swf
[2010.11.21 19:40:22 | 000,014,418 | ---- | M] () -- \Games\World_of_Tanks\res\gui\maps\icons\tankmen\roles\loader.tga
[2010.11.21 19:40:22 | 000,000,694 | ---- | M] () -- \Games\World_of_Tanks\res\gui\maps\icons\tankmen\roles\small\loader.tga
[2011.05.14 14:32:52 | 000,001,152 | ---- | M] () -- \Games\World_of_Tanks\res\objects\misc\collisions_mat\loader_1.dds
[2011.05.14 14:32:52 | 000,001,152 | ---- | M] () -- \Games\World_of_Tanks\res\objects\misc\collisions_mat\loader_2.dds
[2011.07.14 12:31:24 | 000,090,245 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_coop_17.33.obj
[2011.07.14 12:31:24 | 000,090,893 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_danzas_17.33.obj
[2011.07.14 12:31:24 | 000,091,056 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_dhl_17.33.obj
[2011.07.14 12:31:24 | 000,058,233 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_empty_17.33.obj
[2011.07.14 12:31:24 | 000,089,793 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_fercam_17.33.obj
[2011.07.14 12:31:24 | 000,090,914 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_nyk_17.33.obj
[2011.07.14 12:31:24 | 000,090,411 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_tnt_17.33.obj
[2011.07.14 12:31:24 | 000,090,897 | ---- | M] () -- \Games\X-Plane 9\Resources\default scenery\900 roads\trains\F_truckloadercar_walmart_17.33.obj
[2007.09.24 16:28:29 | 000,002,717 | ---- | M] () -- \WEBY\BabyPark\babypark\engine-v-2.1\admin\fck\editor\_source\classes\fckstylesloader.js
[2007.08.31 16:47:42 | 000,002,634 | ---- | M] () -- \WEBY\www.aaapapir.cz\!old\admin\FCKeditor\editor\_source\classes\fckstylesloader.js
[2007.08.31 16:52:24 | 000,002,634 | ---- | M] () -- \WEBY\www.aaapapir.cz\!old\FCKeditor\editor\_source\classes\fckstylesloader.js
[2007.08.31 16:52:31 | 000,003,091 | ---- | M] () -- \WEBY\www.aaapapir.cz\!old\FCKeditor\editor\_source\internals\fckscriptloader.js
[2007.09.24 16:26:32 | 000,002,717 | ---- | M] () -- \WEBY\www.obchod-koci.cz\admin\fck\editor\_source\classes\fckstylesloader.js
[2007.06.13 17:52:32 | 000,004,380 | ---- | M] () -- \WEBY\www.obchod-koci.cz\admin\fckeditor\editor\_source\fckscriptloader.js
[2007.03.01 23:53:18 | 000,001,776 | ---- | M] () -- \WEBY\www.obchod-koci.cz\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2007.03.01 23:53:18 | 000,002,828 | ---- | M] () -- \WEBY\www.obchod-koci.cz\admin\fckeditor\editor\_source\classes\fckstylesloader.js
[2009.11.14 20:12:13 | 000,001,973 | ---- | M] () -- \WEBY\www.porez-dreva.cz\!shop\com_virtuemart\js\greybox\loader_frame.html
[2009.10.24 22:56:53 | 000,009,070 | ---- | M] () -- \WEBY\www.porez-dreva.cz\administrator\components\com_phocagallery\assets\upload\uploader.js
[2009.10.24 22:57:38 | 000,000,668 | ---- | M] () -- \WEBY\www.porez-dreva.cz\administrator\components\com_phocagallery\front\assets\js\highslide\graphics\loader.gif
[2009.10.24 22:57:38 | 000,000,673 | ---- | M] () -- \WEBY\www.porez-dreva.cz\administrator\components\com_phocagallery\front\assets\js\highslide\graphics\loader.white.gif
[2009.10.24 23:05:52 | 000,000,668 | ---- | M] () -- \WEBY\www.porez-dreva.cz\components\com_phocagallery\assets\js\highslide\graphics\loader.gif
[2009.10.24 23:05:52 | 000,000,673 | ---- | M] () -- \WEBY\www.porez-dreva.cz\components\com_phocagallery\assets\js\highslide\graphics\loader.white.gif
[2009.10.24 23:10:05 | 000,004,052 | ---- | M] () -- \WEBY\www.porez-dreva.cz\libraries\loader.php
[2009.10.24 23:13:33 | 000,000,584 | ---- | M] () -- \WEBY\www.porez-dreva.cz\media\system\images\mootree_loader.gif
[2009.10.24 23:13:40 | 000,008,747 | ---- | M] () -- \WEBY\www.porez-dreva.cz\media\system\js\uploader.js
[2009.10.24 23:13:41 | 000,001,615 | ---- | M] () -- \WEBY\www.porez-dreva.cz\media\system\swf\uploader.swf
[2009.10.24 23:24:04 | 000,002,767 | ---- | M] () -- \WEBY\www.porez-dreva.cz\plugins\system\jceutilities\themes\light\img\loader.gif
[2009.10.24 23:24:08 | 000,003,208 | ---- | M] () -- \WEBY\www.porez-dreva.cz\plugins\system\jceutilities\themes\shadow\img\loader.gif
[2009.10.24 23:24:13 | 000,004,176 | ---- | M] () -- \WEBY\www.porez-dreva.cz\plugins\system\jceutilities\themes\squeeze\img\loader.gif
[2009.10.24 23:24:17 | 000,002,054 | ---- | M] () -- \WEBY\www.porez-dreva.cz\plugins\system\jceutilities\themes\standard\img\loader.gif
[2007.09.24 16:28:29 | 000,002,717 | ---- | M] () -- \WEBY\www.qo.cz\admin\fck\editor\_source\classes\fckstylesloader.js
[2009.10.26 18:23:22 | 000,004,052 | ---- | M] () -- \WEBY\www.sklarskeformy.cz\libraries\loader.php
[2009.10.26 18:27:48 | 000,000,584 | ---- | M] () -- \WEBY\www.sklarskeformy.cz\media\system\images\mootree_loader.gif
[2009.10.26 18:28:01 | 000,008,747 | ---- | M] () -- \WEBY\www.sklarskeformy.cz\media\system\js\uploader.js
[2009.10.26 18:28:02 | 000,001,615 | ---- | M] () -- \WEBY\www.sklarskeformy.cz\media\system\swf\uploader.swf

< End of report >
Nahoru
hippous
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 14 dub 2012 14:32

Re: Babylon, jak se ho zbavit

#5 Příspěvek od hippous »

OTL Extras logfile created on: 16.4.2012 14:28:23 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = D:\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 61,87% Memory free
4,00 Gb Paging File | 2,94 Gb Available in Paging File | 73,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,31 Gb Total Space | 14,03 Gb Free Space | 35,70% Space Free | Partition Type: NTFS
Drive D: | 193,57 Gb Total Space | 13,21 Gb Free Space | 6,83% Space Free | Partition Type: NTFS

Computer Name: MISANEK-PC | User Name: Misanek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4175658864-2755385545-3375998122-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{07BE4679-4318-4413-9701-B3D92354F11D}" = Heroes of Might and Magic V - Tribes of the East
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18435829-4E75-4CD1-9796-A62DBBAE2ED7}" = DeepSkyStacker
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1A573B3D-ECE2-F49B-F4D0-8CFA74236B66}" = Catalyst Control Center HydraVision Full
"{1E2FDD18-E514-4631-AF4A-0CC58FD93DCB}" = Quake Live Mozilla Plugin
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.3.11
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2814A676-E972-460A-1EF7-5C4FE1BF3A5C}" = Catalyst Control Center Graphics Previews Common
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{37476589-E48E-439E-A706-56189E2ED4C4}" = TheBflix
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor
"{3EB7A19B-690F-49BA-B494-CADA547D0DB9}_is1" = Virtual Moon Atlas Pro 5.0
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C00981A-91B5-1837-1473-7AE639591CD2}" = ccc-core-static
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{C00A9857-850C-4C68-A583-2EF4F24706F5}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{925D9613-EA6A-4DF0-9186-AD968159D1B1}" = Tony Hawk's American Wasteland 1.01 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0343AB9-5216-C416-B962-AB28A85F54E2}" = Catalyst Control Center Core Implementation
"{A261F28E-6053-4414-9B84-AA8FE5F47AD4}_is1" = Cartes du Ciel V3.1
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AD4B3D50-EB7D-BF5F-2670-AEB01FE7A954}" = ccc-utility
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BACF70EA-27E6-C3B5-5CDA-D9819B3FE0C6}" = CCC Help English
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E2057895-F881-77FC-EA38-97D0DF73E1FA}" = Catalyst Control Center Graphics Light
"{E27622FF-C563-1915-E4C0-64A03A24CF77}" = Catalyst Control Center Graphics Previews Vista
"{E4A94926-7F57-E35A-0782-341BB6C91BD5}" = Catalyst Control Center Graphics Full New
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20D402D-BBE3-C212-9B9E-07ECAFB4D3C0}" = ATI Catalyst Install Manager
"{FFD5DBA4-898F-1307-20C9-7A9156F57B60}" = Catalyst Control Center Graphics Full Existing
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AviSynth" = AviSynth 2.5
"bwin Poker JPC_is1" = bwin Poker JPC 1.0.0
"CCleaner" = CCleaner
"DPP" = Canon Utilities Digital Photo Professional 3.8
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"FastStone Image Viewer" = FastStone Image Viewer 4.3
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"Foxit Reader" = Foxit Reader
"FS2XPlane" = FS2XPlane
"Hamachi" = Hamachi 1.0.1.5
"Mafia II_is1" = Mafia II DLC Joe's Adventures
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"Neat Image_is1" = Neat Image v5 Demo (with plug-in)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Picasa 3" = Picasa 3
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"rajče.net_is1" = rajče verze 56 sestavení 144
"SpeedFan" = SpeedFan (remove only)
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.3
"VMware_Workstation" = VMware Workstation
"Warcraft III" = Warcraft III
"Web Album Generator_is1" = Web Album Generator 1.8.2
"WebDesigner" = Microsoft Expression Web
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4175658864-2755385545-3375998122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
"RegiStax 6" = RegiStax 6
"RegiStax 6.1.0.8 update" = RegiStax 6.1.0.8 update
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in
"WinImage" = WinImage

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.4.2012 17:33:17 | Computer Name = Misanek-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 15.4.2012 17:33:17 | Computer Name = Misanek-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 15.4.2012 17:33:17 | Computer Name = Misanek-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 15.4.2012 17:33:22 | Computer Name = Misanek-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 15.4.2012 17:34:40 | Computer Name = Misanek-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\VMware\vmware workstation\vssSnapVista64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 15.4.2012 17:34:40 | Computer Name = Misanek-PC | Source = SideBySide | ID = 16842787
Description = Generování kontextu aktivace pro c:\program files\VMware\vmware workstation\resources\imgCustPrep64.exe
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\VMware\vmware
workstation\resources\Microsoft.VC80.CRT.MANIFEST na řádku 4. Identita komponenty
nalezená v manifestu nesouhlasí s identitou požadované komponenty. Odkaz je Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Definice
je Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Podrobnější
diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 15.4.2012 17:38:09 | Computer Name = Misanek-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 15.4.2012 17:38:43 | Computer Name = Misanek-PC | Source = System Restore | ID = 8193
Description =

Error - 15.4.2012 18:00:01 | Computer Name = Misanek-PC | Source = System Restore | ID = 8193
Description =

Error - 16.4.2012 7:35:25 | Computer Name = Misanek-PC | Source = System Restore | ID = 8193
Description =

[ OSession Events ]
Error - 17.11.2011 19:37:12 | Computer Name = Misanek-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 20, Application Name: Microsoft Expression Web, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5439
seconds with 4620 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 14.4.2012 7:43:49 | Computer Name = Misanek-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 14.4.2012 17:53:58 | Computer Name = Misanek-PC | Source = Service Control Manager | ID = 7000
Description = Služba VMware VMparport neuspěla při spuštění v důsledku následující
chyby: %%20

Error - 14.4.2012 17:54:34 | Computer Name = Misanek-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 15.4.2012 13:46:52 | Computer Name = Misanek-PC | Source = Service Control Manager | ID = 7000
Description = Služba VMware VMparport neuspěla při spuštění v důsledku následující
chyby: %%20

Error - 15.4.2012 13:47:07 | Computer Name = Misanek-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 16.4.2012 7:23:02 | Computer Name = Misanek-PC | Source = Service Control Manager | ID = 7000
Description = Služba VMware VMparport neuspěla při spuštění v důsledku následující
chyby: %%20

Error - 16.4.2012 7:24:24 | Computer Name = Misanek-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (13:23:02, ?16.?4.?2012) bylo neočekávané.

Error - 16.4.2012 7:24:32 | Computer Name = Misanek-PC | Source = BugCheck | ID = 1001
Description =

Error - 16.4.2012 7:24:35 | Computer Name = Misanek-PC | Source = Service Control Manager | ID = 7000
Description = Služba VMware VMparport neuspěla při spuštění v důsledku následující
chyby: %%20

Error - 16.4.2012 7:25:06 | Computer Name = Misanek-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842


< End of report >
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Babylon, jak se ho zbavit

#6 Příspěvek od Márty84 »

Abych rekl pravdu pravosti Windows si nejsem uplne jist, protoze ja jsem je neinstaloval.
A kdo ho tedy instaloval? Zeptejte se ho :)

:arrow: Stahnete SystemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte ho na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do okna zkopirujte tento skript

Kód: Vybrat vše

:filefind
*babylon*

:folderfind
*babylon*
kliknete na Look a chvili pockejte
Mel by na vas vyskocit log s nazvem Systemlook
Ten mi sem zkopirujte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
sarka
Návštěvník
Návštěvník
Příspěvky: 32
Registrován: 20 črc 2012 22:13

Re: Babylon, jak se ho zbavit

#7 Příspěvek od sarka »

Dobry den,
nastroje, ktere jste doporucil jsou zajimave.
Dala jsem vyhledat soubory i adresare babylon a vsechny jsem je vymazla.
Nicmene nesmrtelny babylon se vnucuje stale.
Mate jeste nejake eso v rukavu? :-)
Dekuji Sarka
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Babylon, jak se ho zbavit

#8 Příspěvek od Márty84 »

sarka píše:Dobry den,
nastroje, ktere jste doporucil jsou zajimave.
Dala jsem vyhledat soubory i adresare babylon a vsechny jsem je vymazla.
Nicmene nesmrtelny babylon se vnucuje stale.
Mate jeste nejake eso v rukavu? :-)
Dekuji Sarka
Zdravim :)

Babylon je skutecne tezko znicitelny. Ale u kazdeho pc je to jine. Zalezi jak moc je v pc zazrany.
Muzem na to kouknout, jestli chcete, ale potreboval bych videt nejaky log.
Zalozte si prosim sve vlastni tema a dejte tam log z RSIT. Pokud chcete at se na to podivam ja, napiste do predmetu Pro Márty84 a napiste mi k tomu logu, kde se babylon ukazuje. Jestli ve vsech prohlizecich, nebo jen v nekterem.
Jestli je vam jedno kdo se na to koukne, do predmetu napiste treba jen Babylon :)

Zde uz prosim nepiste :wink:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“