Dobrý den,
prosím o kontrolu logu, počítač se zdá v poslední době být pomalejší:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2012-05-18 14:09:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 4 GB (10%) free of 40 GB
Total RAM: 3959 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:09:21, on 18.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
D:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\WebCam\S6000\S6000Mnt.exe
D:\Programy\WinAmp\winampa.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Programy\Mozilla Firefox\firefox.exe
D:\Programy\Miranda\miranda32.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [S6000Mnt] C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [WinampAgent] D:\Programy\WinAmp\winampa.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Programy\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Google Update] "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Windows Updater] C:\Users\Martin\AppData\Roaming\svchost.exe
O4 - HKCU\..\Run: [adobeupdater] "C:\Users\Martin\AppData\Roaming\6 5\rundll32.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BrlAPI - Unknown owner - D:\Programy\cygwin\bin\cygrunsrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service: rpcnetp - Unknown owner - C:\Windows\System32\rpcnetp.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11304 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 28451568
\??\C:\Windows\system32\conhost.exe "1167999459-12931455063937904721111082369-1204376540768369134-1715212455-1388469149
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\emaudsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"D:\Programy\TortoiseSVN\bin\TSVNCache.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"D:\Programy\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\WebCam\S6000\S6000Mnt.exe
"D:\Programy\WinAmp\winampa.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe" servicemode
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"D:\Programy\Mozilla Firefox\firefox.exe"
"D:\Programy\Miranda\miranda32.exe"
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe42_ Global\UsGthrCtrlFltPipeMssGthrPipe42 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"D:\Firefox Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.3.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
D:\Programy\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\Programy\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
D:\Programy\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
D:\Programy\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions\
firefox@ghostery.com
maps@ovi.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2012-01-10 59272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-05-21 295936]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1842472]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-01-29 10038304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=D:\Programy\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AlcoholAutomount"=D:\Programy\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"Google Update"=C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
"Windows Updater"=C:\Users\Martin\AppData\Roaming\svchost.exe []
"adobeupdater"=C:\Users\Martin\AppData\Roaming\6 5\rundll32.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-02-15 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files (x86)\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
D:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Programy\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
D:\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-04 336384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Programy\Steam\steam.exe [2011-08-02 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"S6000Mnt"=C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-23 284696]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"WinampAgent"=D:\Programy\WinAmp\winampa.exe [2011-06-30 74752]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-03-07 4241512]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rpcnet]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.TMB0"=tmbvcm64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-05-18 13:57:36 ----D---- C:\rsit
2012-05-18 13:57:36 ----D---- C:\Program Files\trend micro
2012-05-12 22:48:06 ----A---- C:\Windows\system32\imagecfg.exe
2012-05-12 10:48:50 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-12 10:48:50 ----A---- C:\Windows\system32\DWrite.dll
2012-05-12 10:48:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-12 10:48:45 ----A---- C:\Windows\system32\win32k.sys
2012-05-12 10:48:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-12 10:48:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-12 10:48:17 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-12 10:47:45 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-05 14:49:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-04-26 09:50:21 ----D---- C:\ProgramData\Mozilla
2012-04-26 09:50:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
======List of files/folders modified in the last 1 month======
2012-05-18 14:09:13 ----D---- C:\Windows\Temp
2012-05-18 13:57:36 ----RD---- C:\Program Files
2012-05-18 13:53:04 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2012-05-18 12:35:24 ----D---- C:\Windows\system32\config
2012-05-18 12:22:48 ----D---- C:\Users\Martin\AppData\Roaming\Dropbox
2012-05-18 12:20:32 ----A---- C:\Windows\SYSWOW64\log.txt
2012-05-18 12:20:08 ----A---- C:\Windows\SYSWOW64\rpcnetp.exe
2012-05-18 12:20:08 ----A---- C:\Windows\SYSWOW64\rpcnetp.dll
2012-05-18 12:20:08 ----A---- C:\Windows\system32\rpcnetp.exe
2012-05-16 12:25:44 ----RSD---- C:\Windows\assembly
2012-05-16 12:25:44 ----D---- C:\Windows\Microsoft.NET
2012-05-15 17:14:20 ----D---- C:\Windows\System32
2012-05-15 17:14:20 ----D---- C:\Windows\inf
2012-05-15 17:14:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-15 13:10:48 ----D---- C:\Windows\SysWOW64
2012-05-15 13:09:32 ----A---- C:\Windows\SYSWOW64\Upgrd.exe
2012-05-15 13:09:24 ----N---- C:\Windows\SYSWOW64\rpcnet.exe
2012-05-15 13:09:24 ----A---- C:\Windows\SYSWOW64\rpcnet.dll
2012-05-14 17:40:09 ----D---- C:\Users\Martin\AppData\Roaming\BitTorrent
2012-05-14 08:29:19 ----SHD---- C:\System Volume Information
2012-05-13 21:30:04 ----D---- C:\Windows
2012-05-13 21:12:38 ----D---- C:\Windows\system32\drivers
2012-05-13 20:53:40 ----D---- C:\Users\Martin\AppData\Roaming\WinAmp
2012-05-13 20:52:52 ----HD---- C:\ProgramData
2012-05-13 11:41:25 ----D---- C:\Windows\Logs
2012-05-12 22:37:26 ----D---- C:\Windows\Prefetch
2012-05-12 22:36:43 ----D---- C:\Windows\winsxs
2012-05-12 22:36:20 ----D---- C:\Windows\system32\catroot2
2012-05-12 22:24:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-05-12 16:43:22 ----D---- C:\Windows\debug
2012-05-12 16:43:19 ----A---- C:\Windows\system32\MRT.exe
2012-05-12 16:43:05 ----SHD---- C:\Windows\Installer
2012-05-12 16:40:22 ----D---- C:\Windows\system32\catroot
2012-05-12 16:34:29 ----D---- C:\Program Files\Windows Journal
2012-05-07 20:20:59 ----D---- C:\Users\Martin\AppData\Roaming\Mozilla
2012-05-05 14:49:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-03 11:24:38 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2012-05-01 18:02:54 ----RSD---- C:\Windows\Fonts
2012-04-26 18:36:40 ----RD---- C:\Users
2012-04-26 09:50:18 ----RD---- C:\Program Files (x86)
2012-04-22 13:45:17 ----RD---- C:\Program Files (x86)\Skype
2012-04-22 13:45:17 ----D---- C:\Program Files (x86)\Common Files
2012-04-22 13:45:11 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-04 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-02-01 2978296]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-01-29 2260256]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-07-30 406056]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 292912]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 XilinxPC4Driver;XilinxPC4Driver; C:\Windows\System32\drivers\XPC4DRVR.SYS []
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-05-24 243760]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 AWEAlloc;AWE Memory Allocation Driver; C:\Windows\system32\DRIVERS\awealloc.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-26 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-26 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-06-26 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-26 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-26 21544]
S3 emusba10;E-MU USB-Audio 1.0 Driver; C:\Windows\system32\DRIVERS\emusba10.sys [2007-11-26 213272]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-03-01 239136]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 S6000KNT;S6000KNT_WebCam Driver; C:\Windows\System32\Drivers\S6000KNT.sys [2009-12-15 183040]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynUSB64.sys [2006-11-16 31248]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-05 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-03-07 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-25 952096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 emaudsv;E-MU Audio Service; C:\Windows\system32\emaudsv.exe [2007-11-26 25600]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
R2 WMCoreService;Mobile Broadband Service; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [2010-03-18 462888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
S2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2012-05-15 58288]
S2 rpcnetp;rpcnetp; C:\Windows\System32\rpcnetp.exe [2012-05-18 17920]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S2 StarWindServiceAE;StarWind AE Service; D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BrlAPI;BrlAPI; D:\Programy\cygwin\bin\cygrunsrv.exe [2008-03-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-12-23 419624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-02 1255736]
S4 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe []
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Děkuji
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Zdravim a pekny den preji 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 type c:\boot.ini >> test.txt /c %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Dobrý den, omlouvám se za dlouhou odezvu, tady jsou logy:
OTL logfile created on: 20.5.2012 17:49:08 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Martin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 43,45% Memory free
7,73 Gb Paging File | 5,47 Gb Available in Paging File | 70,72% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,96 Gb Total Space | 5,22 Gb Free Space | 13,39% Space Free | Partition Type: NTFS
Drive D: | 557,11 Gb Total Space | 100,12 Gb Free Space | 17,97% Space Free | Partition Type: NTFS
Drive F: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.05.20 17:47:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2012.05.15 13:09:24 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2012.04.26 09:50:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 07:53:54 | 001,496,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.30 20:29:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- D:\Programy\WinAmp\winampa.exe
PRC - [2010.03.18 21:32:08 | 000,462,888 | R--- | M] (Ericsson AB) -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
PRC - [2009.12.23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.12.23 18:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.12.15 11:31:46 | 000,047,616 | ---- | M] () -- C:\Windows\WebCam\S6000\S6000Mnt.exe
PRC - [2009.09.30 21:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 21:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.06.25 12:09:40 | 000,690,272 | ---- | M] ( ) -- D:\Programy\Miranda\miranda32.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- D:\Programy\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2003.09.05 01:09:52 | 000,322,663 | ---- | M] (Grumdrig) -- C:\Users\Martin\Desktop\pq.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.12 22:43:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.12 22:42:53 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012.05.12 22:42:47 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012.05.12 22:42:34 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.12 22:42:29 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.12 22:42:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.12 22:42:24 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.12 22:42:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.05 13:54:31 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.04.26 09:50:11 | 001,952,696 | ---- | M] () -- D:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2012.04.04 07:53:52 | 000,249,232 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012.02.13 19:58:02 | 000,070,424 | ---- | M] () -- D:\Programy\TortoiseSVN\bin\libsasl32.dll
MOD - [2010.11.13 04:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.12.15 11:31:46 | 000,047,616 | ---- | M] () -- C:\Windows\WebCam\S6000\S6000Mnt.exe
MOD - [2009.07.16 16:09:14 | 000,028,160 | ---- | M] () -- D:\Programy\Miranda\Plugins\mradio.dll
MOD - [2009.06.25 12:09:10 | 000,052,836 | ---- | M] () -- D:\Programy\Miranda\zlib.dll
MOD - [2009.06.25 12:08:56 | 000,313,450 | ---- | M] () -- D:\Programy\Miranda\Plugins\ICQ.dll
MOD - [2009.06.25 12:08:44 | 000,036,973 | ---- | M] () -- D:\Programy\Miranda\Plugins\dbx_mmap.dll
MOD - [2009.06.25 12:08:16 | 000,063,586 | ---- | M] () -- D:\Programy\Miranda\Plugins\avs.dll
MOD - [2009.05.10 15:19:58 | 000,068,608 | ---- | M] () -- D:\Programy\Miranda\Plugins\AuthState.dll
MOD - [2008.10.28 20:27:02 | 000,453,060 | ---- | M] () -- D:\Programy\Miranda\Plugins\Fingerprint.dll
MOD - [2008.10.19 21:41:16 | 000,086,016 | ---- | M] () -- D:\Programy\Miranda\Plugins\quicksearch.dll
MOD - [2008.07.27 01:30:52 | 000,086,113 | ---- | M] () -- D:\Programy\Miranda\Plugins\StartupStatus.dll
MOD - [2008.07.27 01:30:42 | 000,090,203 | ---- | M] () -- D:\Programy\Miranda\Plugins\KeepStatus.dll
MOD - [2008.04.16 00:44:00 | 000,634,880 | ---- | M] () -- D:\Programy\Miranda\Plugins\historystats.dll
MOD - [2007.01.06 03:14:36 | 000,045,056 | ---- | M] () -- D:\Programy\Miranda\Plugins\mtextcontrolW.dll
MOD - [2006.05.11 10:29:02 | 000,107,520 | ---- | M] () -- D:\Programy\Miranda\Plugins\TypingNotify.dll
MOD - [2005.02.01 20:02:46 | 000,049,152 | ---- | M] () -- D:\Programy\Miranda\Plugins\findAmsg.dll
MOD - [2004.08.21 23:34:12 | 000,019,968 | ---- | M] () -- D:\Programy\Miranda\Plugins\mContacts.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.01.05 04:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.06.25 10:08:30 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.07.29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2007.11.26 17:13:06 | 000,025,600 | ---- | M] (E-MU Systems) [Auto | Running] -- C:\Windows\SysNative\emaudsv.exe -- (emaudsv)
SRV - [2012.05.15 13:09:24 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2012.05.05 14:49:34 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.26 09:50:12 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.23 16:21:29 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.18 21:32:08 | 000,462,888 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.12.23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Úložná technologie Intel(R)
SRV - [2009.09.30 21:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 21:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.03.18 12:28:46 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- D:\Programy\cygwin\bin\cygrunsrv.exe -- (BrlAPI)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.02.04 21:57:18 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.02.01 15:23:30 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.01.05 05:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.05 04:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.07.30 17:36:14 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010.06.26 02:13:18 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.26 02:12:26 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.26 02:12:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.26 02:12:24 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.26 02:12:24 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.03.01 16:20:56 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.02.10 16:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.27 12:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.12.17 11:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.15 11:27:50 | 000,183,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S6000KNT.sys -- (S6000KNT)
DRV:64bit: - [2009.09.17 21:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.24 20:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.11.26 17:15:06 | 000,213,272 | ---- | M] (E-MU Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emusba10.sys -- (emusba10)
DRV:64bit: - [2006.11.16 17:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.05.18 23:12:12 | 000,016,000 | ---- | M] (Xilinx, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\XPC4DRVR.SYS -- (XilinxPC4Driver)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.02.28 00:24:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.02.28 00:24:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.03.16 17:34:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Programy\Mozilla Firefox\components [2012.04.26 09:50:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2012.04.13 09:46:02 | 000,000,000 | ---D | M]
[2011.02.01 15:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2012.05.11 16:41:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions
[2012.04.25 21:06:30 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.04.09 19:53:37 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions\firefox@ghostery.com
[2011.04.27 19:23:34 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions\maps@ovi.com
[2012.01.06 09:27:19 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SG37AU0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.10.30 14:19:49 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SG37AU0M.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011.09.03 17:28:05 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SG37AU0M.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = D:\Programy\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = D:\Programy\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: QRreader beta = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfdjglobiolninfgldchakgfldifphic\0.4_0\
CHR - Extension: YouTube = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DivX HiQ = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: avast! WebRep = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: Gmail = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.02.18 14:12:53 | 000,429,483 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14784 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [S6000Mnt] C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt File not found
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] D:\Programy\WinAmp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [adobeupdater] "C:\Users\Martin\AppData\Roaming\6 5\rundll32.exe" File not found
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [AlcoholAutomount] D:\Programy\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [SpybotSD TeaTimer] D:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [Windows Updater] C:\Users\Martin\AppData\Roaming\svchost.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53FE85B6-39A7-4E3B-8940-53E7396DC985}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.02 14:21:51 | 000,000,051 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1339cf42-3099-11e0-8e71-705ab6da7399}\Shell - "" = AutoRun
O33 - MountPoints2\{1339cf42-3099-11e0-8e71-705ab6da7399}\Shell\AutoRun\command - "" = F:\LaunchBFII.exe -- [2005.09.23 17:54:10 | 000,557,056 | R--- | M] ()
O33 - MountPoints2\{1339cf43-3099-11e0-8e71-705ab6da7399}\Shell - "" = AutoRun
O33 - MountPoints2\{1339cf43-3099-11e0-8e71-705ab6da7399}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell - "" = AutoRun
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\install\command - "" = H:\winstall.exe
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\readme\command - "" = notepad swinst\install.txt
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\Tech Support\command - "" = H:\swinst\swhelp.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.TMB0 - File not found
Drivers32: msacm.iac2 - c:\Windows\system\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - D:\Programy\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv50 - c:\Windows\system\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.20 17:47:54 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.05.18 13:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.05.18 13:57:36 | 000,000,000 | ---D | C] -- C:\rsit
[2012.05.18 13:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
[2012.05.17 13:43:03 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\si
========== Files - Modified Within 7 Days ==========
[2012.05.20 17:55:38 | 000,004,610 | ---- | M] () -- C:\Users\Martin\Desktop\Greptrick [Pemptus].pq
[2012.05.20 17:54:07 | 000,004,551 | ---- | M] () -- C:\Users\Martin\Desktop\Greptrick [Pemptus].bak
[2012.05.20 17:51:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.20 17:49:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.20 17:47:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.05.20 17:35:09 | 000,017,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.20 17:35:09 | 000,017,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.20 17:20:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job
[2012.05.20 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job
[2012.05.20 16:58:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.20 16:58:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.20 15:52:05 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2012.05.20 15:52:03 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2012.05.20 15:50:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.20 10:58:47 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
[2012.05.20 10:58:24 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
[2012.05.15 17:14:20 | 001,577,198 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.15 17:14:20 | 000,666,604 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.05.15 17:14:20 | 000,652,308 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.15 17:14:20 | 000,140,268 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.05.15 17:14:20 | 000,121,240 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.15 13:09:32 | 000,013,160 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\Upgrd.exe
[2012.05.15 13:09:24 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.exe
[2012.05.13 19:51:30 | 001,696,482 | ---- | M] () -- C:\Users\Martin\AppData\Local\2551191352012setup.exe
========== Files Created - No Company Name ==========
[2012.05.20 17:51:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.13 19:51:26 | 001,696,482 | ---- | C] () -- C:\Users\Martin\AppData\Local\2551191352012setup.exe
[2012.03.03 14:37:06 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012.02.18 14:16:09 | 000,028,304 | ---- | C] () -- C:\Windows\scunin.dat
[2012.01.14 14:22:17 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.01.10 12:45:52 | 000,000,271 | ---- | C] () -- C:\Windows\vtmb.ini
[2011.11.28 16:55:53 | 000,000,000 | ---- | C] () -- C:\Users\Martin\AppData\Local\{06CAC24A-B241-4B91-8F6E-350D81C47133}
[2011.11.06 20:02:33 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.10.11 17:00:38 | 000,000,311 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.09.11 13:42:50 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2011.09.11 13:42:49 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2011.09.07 21:00:50 | 000,000,132 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
[2011.09.07 20:52:00 | 000,000,132 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2011.09.06 21:43:16 | 001,556,420 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.30 17:23:44 | 000,045,286 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\room_v3.dat
[2011.05.27 14:15:01 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2011.05.27 14:11:29 | 000,000,406 | ---- | C] () -- C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2011.05.24 22:41:04 | 000,046,742 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\room.dat
[2011.05.23 21:24:44 | 000,001,480 | ---- | C] () -- C:\Users\Martin\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2011.04.07 14:35:00 | 000,290,904 | R--- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2011.03.14 13:44:34 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2011.03.14 13:44:34 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2011.03.13 22:13:31 | 000,005,120 | ---- | C] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.04 13:45:30 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2011.03.04 13:45:23 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2011.03.04 13:45:23 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2011.02.27 23:34:01 | 000,273,945 | ---- | C] () -- C:\Windows\Fast AVI to GIF Converter Uninstaller.exe
[2011.02.27 14:01:20 | 000,040,960 | R--- | C] () -- C:\Windows\IGLobbyReg.exe
[2011.02.18 13:26:11 | 000,000,600 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\winscp.rnd
[2011.02.18 13:06:47 | 000,000,600 | ---- | C] () -- C:\Users\Martin\AppData\Local\PUTTY.RND
[2011.02.14 18:53:58 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2011.02.14 16:50:38 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2011.02.14 16:50:10 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2011.02.14 15:31:54 | 000,065,536 | ---- | C] () -- C:\Windows\TADSUINS.EXE
[2011.02.04 22:42:13 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.02.03 21:38:09 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.02.01 15:58:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.01 14:57:22 | 000,015,190 | ---- | C] () -- C:\Windows\S6000Twn.ini
[2011.02.01 14:45:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.01 13:35:02 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2011.02.01 13:34:06 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2010.12.15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2012.02.04 19:13:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft
[2011.06.01 14:11:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft – kopie
[2011.09.25 20:10:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Audacity
[2011.04.25 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Babylon
[2012.05.14 17:40:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\BitTorrent
[2011.06.10 10:11:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Cakewalk
[2011.12.27 22:58:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\calibre
[2012.04.09 18:10:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Celemony Software GmbH
[2011.09.07 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.05.20 15:53:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Dropbox
[2012.02.29 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Firefly Studios
[2011.03.19 17:25:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GameRanger
[2012.01.19 14:18:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IDoser
[2012.02.07 18:08:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Minetographer
[2011.03.11 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Miranda
[2011.09.21 19:50:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Oracle SQL Developer Data Modeler
[2011.07.16 19:44:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PDF Writer
[2011.10.25 19:25:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Programy
[2011.02.28 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2012.02.29 19:38:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\RotMG.Production
[2011.02.28 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2012.02.25 13:22:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sparx Systems
[2011.09.04 15:52:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SPORE
[2011.11.20 16:24:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SQL Developer
[2011.02.14 18:51:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Steinberg
[2012.02.24 13:27:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Subversion
[2011.02.28 21:34:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sytexis Software
[2011.09.29 18:12:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\VisualWorksLaunchPad
[2011.02.14 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2011.07.03 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Youtube Downloader HD
[2012.02.27 07:26:57 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=52207A2E05BCAB16221E999B93C4A95D -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.02.04 19:13:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft
[2011.06.01 14:11:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft – kopie
[2011.08.08 09:53:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Adobe
[2011.02.24 21:16:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Apple Computer
[2011.02.01 14:46:37 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ATI
[2011.09.25 20:10:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Audacity
[2011.04.25 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Babylon
[2012.05.14 17:40:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\BitTorrent
[2011.06.10 10:11:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Cakewalk
[2011.12.27 22:58:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\calibre
[2012.04.09 18:10:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Celemony Software GmbH
[2011.09.07 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.02.14 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Creative Professional
[2011.02.28 00:25:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DivX
[2012.05.20 15:53:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Dropbox
[2011.12.01 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\dvdcss
[2012.02.29 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Firefly Studios
[2011.03.19 17:25:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GameRanger
[2011.02.01 13:42:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Identities
[2012.01.19 14:18:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IDoser
[2011.02.01 15:03:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\InstallShield
[2011.02.01 15:07:12 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Intel Corporation
[2011.02.01 16:16:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Macromedia
[2011.02.01 16:00:33 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Malwarebytes
[2011.08.22 12:56:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mathematica
[2009.07.14 17:36:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Center Programs
[2012.03.04 17:14:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Player Classic
[2012.03.22 21:36:05 | 000,000,000 | --SD | M] -- C:\Users\Martin\AppData\Roaming\Microsoft
[2012.02.07 18:08:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Minetographer
[2011.03.11 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Miranda
[2011.05.03 13:38:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\mIRC
[2012.05.07 20:20:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mozilla
[2011.02.01 15:43:29 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\NCH Software
[2011.09.21 19:50:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Oracle SQL Developer Data Modeler
[2011.07.16 19:44:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PDF Writer
[2011.10.25 19:25:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Programy
[2011.02.28 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2012.02.29 19:38:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\RotMG.Production
[2011.05.27 14:15:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sibelius Software
[2012.05.18 18:31:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Skype
[2012.02.19 16:20:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\skypePM
[2011.02.28 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2012.02.25 13:22:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sparx Systems
[2011.09.04 15:52:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SPORE
[2011.11.20 16:24:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SQL Developer
[2011.02.14 18:51:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Steinberg
[2012.02.24 13:27:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Subversion
[2011.02.28 21:34:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sytexis Software
[2011.09.15 17:36:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Toribash
[2012.02.26 14:50:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TortoiseSVN
[2011.09.29 18:12:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\VisualWorksLaunchPad
[2012.05.03 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\vlc
[2011.02.14 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2012.05.13 20:53:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinAmp
[2011.02.01 14:25:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinRAR
[2011.07.03 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Youtube Downloader HD
< %APPDATA%\*.exe /s >
[2011.09.25 21:43:14 | 001,052,256 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\.minecraft\mcpatcher-2.1.1_01.exe
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Martin\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.03.25 13:08:13 | 001,273,568 | ---- | M] (GameRanger Technologies) -- C:\Users\Martin\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2011.02.01 16:36:36 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Martin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.01 14:34:22 | 000,010,134 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{67C9B2A9-6F22-610C-BFC8-B8F0B199ABEA}\ARPPRODUCTICON.exe
[2012.05.18 16:19:15 | 000,017,542 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{CED3B64B-9381-4AB8-A213-6C084C952E43}\_C5F9E995A97771C1259FD8.exe
[2010.06.12 21:15:08 | 000,100,352 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zamzom Wireless Network Tool.exe
[2011.11.13 23:17:48 | 000,188,152 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\FlashGot.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.05.20 17:49:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.05.20 16:58:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.05.20 17:58:12 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.05.20 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job
[2012.05.20 17:20:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.20 15:52:01 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2012.05.20 15:52:03 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\system32\rpcnet.dll
[2012.05.20 10:58:47 | 000,017,920 | ---- | M] () -- C:\Windows\system32\rpcnetp.dll
[2012.05.20 10:58:24 | 000,017,920 | ---- | M] () -- C:\Windows\system32\rpcnetp.exe
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SpybotSD TeaTimer" = D:\Programy\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
"AlcoholAutomount" = "D:\Programy\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2009.11.15 11:42:00 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
"Google Update" = "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.02.01 14:50:25 | 000,136,176 | ---- | M] (Google Inc.)
"Windows Updater" = C:\Users\Martin\AppData\Roaming\svchost.exe
"adobeupdater" = "C:\Users\Martin\AppData\Roaming\6 5\rundll32.exe"
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
OTL logfile created on: 20.5.2012 17:49:08 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Martin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 43,45% Memory free
7,73 Gb Paging File | 5,47 Gb Available in Paging File | 70,72% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,96 Gb Total Space | 5,22 Gb Free Space | 13,39% Space Free | Partition Type: NTFS
Drive D: | 557,11 Gb Total Space | 100,12 Gb Free Space | 17,97% Space Free | Partition Type: NTFS
Drive F: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.05.20 17:47:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2012.05.15 13:09:24 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2012.04.26 09:50:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 07:53:54 | 001,496,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.30 20:29:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- D:\Programy\WinAmp\winampa.exe
PRC - [2010.03.18 21:32:08 | 000,462,888 | R--- | M] (Ericsson AB) -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
PRC - [2009.12.23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.12.23 18:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.12.15 11:31:46 | 000,047,616 | ---- | M] () -- C:\Windows\WebCam\S6000\S6000Mnt.exe
PRC - [2009.09.30 21:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 21:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.06.25 12:09:40 | 000,690,272 | ---- | M] ( ) -- D:\Programy\Miranda\miranda32.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- D:\Programy\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2003.09.05 01:09:52 | 000,322,663 | ---- | M] (Grumdrig) -- C:\Users\Martin\Desktop\pq.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.12 22:43:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.12 22:42:53 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012.05.12 22:42:47 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012.05.12 22:42:34 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.12 22:42:29 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.12 22:42:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.12 22:42:24 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.12 22:42:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.05 13:54:31 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.04.26 09:50:11 | 001,952,696 | ---- | M] () -- D:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2012.04.04 07:53:52 | 000,249,232 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012.02.13 19:58:02 | 000,070,424 | ---- | M] () -- D:\Programy\TortoiseSVN\bin\libsasl32.dll
MOD - [2010.11.13 04:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.12.15 11:31:46 | 000,047,616 | ---- | M] () -- C:\Windows\WebCam\S6000\S6000Mnt.exe
MOD - [2009.07.16 16:09:14 | 000,028,160 | ---- | M] () -- D:\Programy\Miranda\Plugins\mradio.dll
MOD - [2009.06.25 12:09:10 | 000,052,836 | ---- | M] () -- D:\Programy\Miranda\zlib.dll
MOD - [2009.06.25 12:08:56 | 000,313,450 | ---- | M] () -- D:\Programy\Miranda\Plugins\ICQ.dll
MOD - [2009.06.25 12:08:44 | 000,036,973 | ---- | M] () -- D:\Programy\Miranda\Plugins\dbx_mmap.dll
MOD - [2009.06.25 12:08:16 | 000,063,586 | ---- | M] () -- D:\Programy\Miranda\Plugins\avs.dll
MOD - [2009.05.10 15:19:58 | 000,068,608 | ---- | M] () -- D:\Programy\Miranda\Plugins\AuthState.dll
MOD - [2008.10.28 20:27:02 | 000,453,060 | ---- | M] () -- D:\Programy\Miranda\Plugins\Fingerprint.dll
MOD - [2008.10.19 21:41:16 | 000,086,016 | ---- | M] () -- D:\Programy\Miranda\Plugins\quicksearch.dll
MOD - [2008.07.27 01:30:52 | 000,086,113 | ---- | M] () -- D:\Programy\Miranda\Plugins\StartupStatus.dll
MOD - [2008.07.27 01:30:42 | 000,090,203 | ---- | M] () -- D:\Programy\Miranda\Plugins\KeepStatus.dll
MOD - [2008.04.16 00:44:00 | 000,634,880 | ---- | M] () -- D:\Programy\Miranda\Plugins\historystats.dll
MOD - [2007.01.06 03:14:36 | 000,045,056 | ---- | M] () -- D:\Programy\Miranda\Plugins\mtextcontrolW.dll
MOD - [2006.05.11 10:29:02 | 000,107,520 | ---- | M] () -- D:\Programy\Miranda\Plugins\TypingNotify.dll
MOD - [2005.02.01 20:02:46 | 000,049,152 | ---- | M] () -- D:\Programy\Miranda\Plugins\findAmsg.dll
MOD - [2004.08.21 23:34:12 | 000,019,968 | ---- | M] () -- D:\Programy\Miranda\Plugins\mContacts.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.01.05 04:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.06.25 10:08:30 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.07.29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2007.11.26 17:13:06 | 000,025,600 | ---- | M] (E-MU Systems) [Auto | Running] -- C:\Windows\SysNative\emaudsv.exe -- (emaudsv)
SRV - [2012.05.15 13:09:24 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2012.05.05 14:49:34 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.26 09:50:12 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.23 16:21:29 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.18 21:32:08 | 000,462,888 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.12.23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Úložná technologie Intel(R)
SRV - [2009.09.30 21:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 21:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.03.18 12:28:46 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- D:\Programy\cygwin\bin\cygrunsrv.exe -- (BrlAPI)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.02.04 21:57:18 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.02.01 15:23:30 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.01.05 05:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.05 04:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.07.30 17:36:14 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010.06.26 02:13:18 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.26 02:12:26 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.26 02:12:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.26 02:12:24 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.26 02:12:24 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.03.01 16:20:56 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.02.10 16:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.27 12:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.12.17 11:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.15 11:27:50 | 000,183,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S6000KNT.sys -- (S6000KNT)
DRV:64bit: - [2009.09.17 21:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.24 20:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.11.26 17:15:06 | 000,213,272 | ---- | M] (E-MU Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emusba10.sys -- (emusba10)
DRV:64bit: - [2006.11.16 17:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.05.18 23:12:12 | 000,016,000 | ---- | M] (Xilinx, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\XPC4DRVR.SYS -- (XilinxPC4Driver)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.02.28 00:24:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.02.28 00:24:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.03.16 17:34:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Programy\Mozilla Firefox\components [2012.04.26 09:50:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2012.04.13 09:46:02 | 000,000,000 | ---D | M]
[2011.02.01 15:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2012.05.11 16:41:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions
[2012.04.25 21:06:30 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.04.09 19:53:37 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions\firefox@ghostery.com
[2011.04.27 19:23:34 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\extensions\maps@ovi.com
[2012.01.06 09:27:19 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SG37AU0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.10.30 14:19:49 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SG37AU0M.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011.09.03 17:28:05 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SG37AU0M.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Martin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = D:\Programy\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\Programy\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = D:\Programy\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: QRreader beta = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfdjglobiolninfgldchakgfldifphic\0.4_0\
CHR - Extension: YouTube = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DivX HiQ = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: avast! WebRep = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: Gmail = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.02.18 14:12:53 | 000,429,483 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14784 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [S6000Mnt] C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt File not found
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] D:\Programy\WinAmp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [adobeupdater] "C:\Users\Martin\AppData\Roaming\6 5\rundll32.exe" File not found
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [AlcoholAutomount] D:\Programy\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [SpybotSD TeaTimer] D:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [Windows Updater] C:\Users\Martin\AppData\Roaming\svchost.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53FE85B6-39A7-4E3B-8940-53E7396DC985}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.02 14:21:51 | 000,000,051 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1339cf42-3099-11e0-8e71-705ab6da7399}\Shell - "" = AutoRun
O33 - MountPoints2\{1339cf42-3099-11e0-8e71-705ab6da7399}\Shell\AutoRun\command - "" = F:\LaunchBFII.exe -- [2005.09.23 17:54:10 | 000,557,056 | R--- | M] ()
O33 - MountPoints2\{1339cf43-3099-11e0-8e71-705ab6da7399}\Shell - "" = AutoRun
O33 - MountPoints2\{1339cf43-3099-11e0-8e71-705ab6da7399}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell - "" = AutoRun
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\install\command - "" = H:\winstall.exe
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\readme\command - "" = notepad swinst\install.txt
O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell\Tech Support\command - "" = H:\swinst\swhelp.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.TMB0 - File not found
Drivers32: msacm.iac2 - c:\Windows\system\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - D:\Programy\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv50 - c:\Windows\system\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.20 17:47:54 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.05.18 13:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.05.18 13:57:36 | 000,000,000 | ---D | C] -- C:\rsit
[2012.05.18 13:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
[2012.05.17 13:43:03 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\si
========== Files - Modified Within 7 Days ==========
[2012.05.20 17:55:38 | 000,004,610 | ---- | M] () -- C:\Users\Martin\Desktop\Greptrick [Pemptus].pq
[2012.05.20 17:54:07 | 000,004,551 | ---- | M] () -- C:\Users\Martin\Desktop\Greptrick [Pemptus].bak
[2012.05.20 17:51:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.20 17:49:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.20 17:47:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.05.20 17:35:09 | 000,017,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.20 17:35:09 | 000,017,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.20 17:20:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job
[2012.05.20 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job
[2012.05.20 16:58:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.20 16:58:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.20 15:52:05 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2012.05.20 15:52:03 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2012.05.20 15:50:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.20 10:58:47 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
[2012.05.20 10:58:24 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
[2012.05.15 17:14:20 | 001,577,198 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.15 17:14:20 | 000,666,604 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.05.15 17:14:20 | 000,652,308 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.15 17:14:20 | 000,140,268 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.05.15 17:14:20 | 000,121,240 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.15 13:09:32 | 000,013,160 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\Upgrd.exe
[2012.05.15 13:09:24 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.exe
[2012.05.13 19:51:30 | 001,696,482 | ---- | M] () -- C:\Users\Martin\AppData\Local\2551191352012setup.exe
========== Files Created - No Company Name ==========
[2012.05.20 17:51:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.13 19:51:26 | 001,696,482 | ---- | C] () -- C:\Users\Martin\AppData\Local\2551191352012setup.exe
[2012.03.03 14:37:06 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012.02.18 14:16:09 | 000,028,304 | ---- | C] () -- C:\Windows\scunin.dat
[2012.01.14 14:22:17 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.01.10 12:45:52 | 000,000,271 | ---- | C] () -- C:\Windows\vtmb.ini
[2011.11.28 16:55:53 | 000,000,000 | ---- | C] () -- C:\Users\Martin\AppData\Local\{06CAC24A-B241-4B91-8F6E-350D81C47133}
[2011.11.06 20:02:33 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.10.11 17:00:38 | 000,000,311 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.09.11 13:42:50 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2011.09.11 13:42:49 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2011.09.07 21:00:50 | 000,000,132 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
[2011.09.07 20:52:00 | 000,000,132 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2011.09.06 21:43:16 | 001,556,420 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.30 17:23:44 | 000,045,286 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\room_v3.dat
[2011.05.27 14:15:01 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2011.05.27 14:11:29 | 000,000,406 | ---- | C] () -- C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2011.05.24 22:41:04 | 000,046,742 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\room.dat
[2011.05.23 21:24:44 | 000,001,480 | ---- | C] () -- C:\Users\Martin\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2011.04.07 14:35:00 | 000,290,904 | R--- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2011.03.14 13:44:34 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2011.03.14 13:44:34 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2011.03.13 22:13:31 | 000,005,120 | ---- | C] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.04 13:45:30 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2011.03.04 13:45:23 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2011.03.04 13:45:23 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2011.02.27 23:34:01 | 000,273,945 | ---- | C] () -- C:\Windows\Fast AVI to GIF Converter Uninstaller.exe
[2011.02.27 14:01:20 | 000,040,960 | R--- | C] () -- C:\Windows\IGLobbyReg.exe
[2011.02.18 13:26:11 | 000,000,600 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\winscp.rnd
[2011.02.18 13:06:47 | 000,000,600 | ---- | C] () -- C:\Users\Martin\AppData\Local\PUTTY.RND
[2011.02.14 18:53:58 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2011.02.14 16:50:38 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2011.02.14 16:50:10 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2011.02.14 15:31:54 | 000,065,536 | ---- | C] () -- C:\Windows\TADSUINS.EXE
[2011.02.04 22:42:13 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.02.03 21:38:09 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.02.01 15:58:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.01 14:57:22 | 000,015,190 | ---- | C] () -- C:\Windows\S6000Twn.ini
[2011.02.01 14:45:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.01 13:35:02 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2011.02.01 13:34:06 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2010.12.15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2012.02.04 19:13:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft
[2011.06.01 14:11:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft – kopie
[2011.09.25 20:10:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Audacity
[2011.04.25 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Babylon
[2012.05.14 17:40:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\BitTorrent
[2011.06.10 10:11:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Cakewalk
[2011.12.27 22:58:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\calibre
[2012.04.09 18:10:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Celemony Software GmbH
[2011.09.07 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.05.20 15:53:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Dropbox
[2012.02.29 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Firefly Studios
[2011.03.19 17:25:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GameRanger
[2012.01.19 14:18:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IDoser
[2012.02.07 18:08:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Minetographer
[2011.03.11 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Miranda
[2011.09.21 19:50:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Oracle SQL Developer Data Modeler
[2011.07.16 19:44:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PDF Writer
[2011.10.25 19:25:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Programy
[2011.02.28 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2012.02.29 19:38:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\RotMG.Production
[2011.02.28 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2012.02.25 13:22:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sparx Systems
[2011.09.04 15:52:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SPORE
[2011.11.20 16:24:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SQL Developer
[2011.02.14 18:51:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Steinberg
[2012.02.24 13:27:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Subversion
[2011.02.28 21:34:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sytexis Software
[2011.09.29 18:12:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\VisualWorksLaunchPad
[2011.02.14 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2011.07.03 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Youtube Downloader HD
[2012.02.27 07:26:57 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=52207A2E05BCAB16221E999B93C4A95D -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.02.04 19:13:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft
[2011.06.01 14:11:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft – kopie
[2011.08.08 09:53:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Adobe
[2011.02.24 21:16:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Apple Computer
[2011.02.01 14:46:37 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ATI
[2011.09.25 20:10:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Audacity
[2011.04.25 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Babylon
[2012.05.14 17:40:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\BitTorrent
[2011.06.10 10:11:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Cakewalk
[2011.12.27 22:58:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\calibre
[2012.04.09 18:10:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Celemony Software GmbH
[2011.09.07 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.02.14 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Creative Professional
[2011.02.28 00:25:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DivX
[2012.05.20 15:53:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Dropbox
[2011.12.01 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\dvdcss
[2012.02.29 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Firefly Studios
[2011.03.19 17:25:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GameRanger
[2011.02.01 13:42:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Identities
[2012.01.19 14:18:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IDoser
[2011.02.01 15:03:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\InstallShield
[2011.02.01 15:07:12 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Intel Corporation
[2011.02.01 16:16:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Macromedia
[2011.02.01 16:00:33 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Malwarebytes
[2011.08.22 12:56:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mathematica
[2009.07.14 17:36:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Center Programs
[2012.03.04 17:14:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Player Classic
[2012.03.22 21:36:05 | 000,000,000 | --SD | M] -- C:\Users\Martin\AppData\Roaming\Microsoft
[2012.02.07 18:08:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Minetographer
[2011.03.11 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Miranda
[2011.05.03 13:38:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\mIRC
[2012.05.07 20:20:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mozilla
[2011.02.01 15:43:29 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\NCH Software
[2011.09.21 19:50:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Oracle SQL Developer Data Modeler
[2011.07.16 19:44:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PDF Writer
[2011.10.25 19:25:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Programy
[2011.02.28 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2012.02.29 19:38:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\RotMG.Production
[2011.05.27 14:15:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sibelius Software
[2012.05.18 18:31:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Skype
[2012.02.19 16:20:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\skypePM
[2011.02.28 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2012.02.25 13:22:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sparx Systems
[2011.09.04 15:52:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SPORE
[2011.11.20 16:24:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SQL Developer
[2011.02.14 18:51:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Steinberg
[2012.02.24 13:27:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Subversion
[2011.02.28 21:34:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sytexis Software
[2011.09.15 17:36:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Toribash
[2012.02.26 14:50:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TortoiseSVN
[2011.09.29 18:12:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\VisualWorksLaunchPad
[2012.05.03 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\vlc
[2011.02.14 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2012.05.13 20:53:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinAmp
[2011.02.01 14:25:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinRAR
[2011.07.03 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Youtube Downloader HD
< %APPDATA%\*.exe /s >
[2011.09.25 21:43:14 | 001,052,256 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\.minecraft\mcpatcher-2.1.1_01.exe
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Martin\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.03.25 13:08:13 | 001,273,568 | ---- | M] (GameRanger Technologies) -- C:\Users\Martin\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2011.02.01 16:36:36 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Martin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.01 14:34:22 | 000,010,134 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{67C9B2A9-6F22-610C-BFC8-B8F0B199ABEA}\ARPPRODUCTICON.exe
[2012.05.18 16:19:15 | 000,017,542 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{CED3B64B-9381-4AB8-A213-6C084C952E43}\_C5F9E995A97771C1259FD8.exe
[2010.06.12 21:15:08 | 000,100,352 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zamzom Wireless Network Tool.exe
[2011.11.13 23:17:48 | 000,188,152 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\sg37au0m.default\FlashGot.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.05.20 17:49:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.05.20 16:58:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.05.20 17:58:12 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.05.20 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job
[2012.05.20 17:20:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.20 15:52:01 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2012.05.20 15:52:03 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\system32\rpcnet.dll
[2012.05.20 10:58:47 | 000,017,920 | ---- | M] () -- C:\Windows\system32\rpcnetp.dll
[2012.05.20 10:58:24 | 000,017,920 | ---- | M] () -- C:\Windows\system32\rpcnetp.exe
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SpybotSD TeaTimer" = D:\Programy\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
"AlcoholAutomount" = "D:\Programy\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2009.11.15 11:42:00 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
"Google Update" = "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.02.01 14:50:25 | 000,136,176 | ---- | M] (Google Inc.)
"Windows Updater" = C:\Users\Martin\AppData\Roaming\svchost.exe
"adobeupdater" = "C:\Users\Martin\AppData\Roaming\6 5\rundll32.exe"
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
Re: Prosím o kontrolu
Pokračování:
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.05.09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) MD5=A7F80FD4BA188EE39735FFA90D338ABA -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.20 17:51:48 | 000,000,512 | ---- | M] () MD5=9235D9DD2A3FB73E046F175534F8669E -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.02.23 19:32:05 | 000,001,094 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Registration.lnk
[2011.02.23 19:32:04 | 000,001,084 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Wizard.lnk
[2011.02.23 19:32:04 | 000,001,090 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker.lnk
[2011.02.23 19:32:05 | 000,001,094 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Registration.lnk
[2011.02.23 19:32:04 | 000,001,084 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Wizard.lnk
[2011.02.23 19:32:04 | 000,001,090 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker.lnk
< *keygen* /s >
[2012.05.18 13:56:09 | 000,000,585 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\keygen.rar.lnk
< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.tlb
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2011.06.09 02:28:44 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2011.06.09 02:28:44 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.11.08 21:03:14 | 000,013,211 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.ErrorNotification.html
[2011.11.08 21:03:30 | 000,020,432 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.html
[2011.11.08 21:03:14 | 000,006,597 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.PreloaderNotification.html
[2011.11.08 21:03:28 | 000,010,567 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.ProgressNotification.html
[2011.11.08 21:03:10 | 000,015,082 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.html
[2011.11.08 21:03:30 | 000,014,414 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.Type.html
[2011.11.08 21:03:34 | 000,006,842 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.ErrorNotification.html
[2011.11.08 21:03:12 | 000,004,449 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.html
[2011.11.08 21:03:20 | 000,009,261 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.PreloaderNotification.html
[2011.11.08 21:03:26 | 000,006,893 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.ProgressNotification.html
[2011.11.08 21:03:42 | 000,006,977 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.html
[2011.11.08 21:03:32 | 000,011,165 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.Type.html
[2011.11.08 21:03:10 | 000,010,377 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.Attribute.html
[2011.11.08 21:03:34 | 000,012,768 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ControllerMethodEventHandler.html
[2011.11.08 21:03:30 | 000,014,222 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.CopyElement.html
[2011.11.08 21:03:38 | 000,011,488 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.DefineElement.html
[2011.11.08 21:03:34 | 000,020,205 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.Element.html
[2011.11.08 21:03:16 | 000,014,212 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ExpressionTargetMapping.html
[2011.11.08 21:03:10 | 000,044,046 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.html
[2011.11.08 21:03:34 | 000,014,967 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.IncludeElement.html
[2011.11.08 21:03:44 | 000,016,588 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.InstanceDeclarationElement.html
[2011.11.08 21:03:24 | 000,013,878 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyChangeListener.html
[2011.11.08 21:03:36 | 000,015,658 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyElement.html
[2011.11.08 21:03:12 | 000,014,271 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ReferenceElement.html
[2011.11.08 21:03:46 | 000,015,319 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptElement.html
[2011.11.08 21:03:42 | 000,012,568 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptEventHandler.html
[2011.11.08 21:03:34 | 000,015,451 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ValueElement.html
[2011.11.08 21:03:32 | 000,008,341 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Attribute.html
[2011.11.08 21:03:44 | 000,004,702 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ControllerMethodEventHandler.html
[2011.11.08 21:03:40 | 000,004,515 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.CopyElement.html
[2011.11.08 21:03:32 | 000,004,537 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.DefineElement.html
[2011.11.08 21:03:10 | 000,006,719 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Element.html
[2011.11.08 21:03:14 | 000,004,647 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ExpressionTargetMapping.html
[2011.11.08 21:03:20 | 000,007,272 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.html
[2011.11.08 21:03:30 | 000,004,548 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.IncludeElement.html
[2011.11.08 21:03:26 | 000,004,680 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.InstanceDeclarationElement.html
[2011.11.08 21:03:28 | 000,004,636 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyChangeListener.html
[2011.11.08 21:03:18 | 000,006,587 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyElement.html
[2011.11.08 21:03:24 | 000,004,570 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ReferenceElement.html
[2011.11.08 21:03:40 | 000,004,537 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptElement.html
[2011.11.08 21:03:12 | 000,004,592 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptEventHandler.html
[2011.11.08 21:03:30 | 000,004,526 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ValueElement.html
[2011.06.09 02:28:44 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2011.06.09 02:28:44 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.01.04 22:44:38 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.09.19 20:47:34 | 000,000,765 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011.09.19 20:47:34 | 000,000,750 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.09.19 20:47:34 | 000,000,780 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.07.03 15:09:46 | 000,000,726 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Uninstall Youtube Downloader HD.lnk
[2011.07.03 15:09:46 | 000,000,759 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.09.19 20:47:34 | 000,000,765 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011.09.19 20:47:34 | 000,000,750 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.09.19 20:47:34 | 000,000,780 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.07.03 15:09:46 | 000,000,726 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Uninstall Youtube Downloader HD.lnk
[2011.07.03 15:09:46 | 000,000,759 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.03.17 08:30:06 | 000,000,544 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP7\MovieClipLoader.as
[2011.03.17 08:30:06 | 000,000,544 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP8\MovieClipLoader.as
[2011.03.17 08:30:06 | 000,000,576 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP9\MovieClipLoader.as
[2011.03.17 08:30:08 | 000,010,454 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\mx\controls\Loader.as
[2012.05.11 15:31:37 | 000,010,519 | ---- | M] () -- \Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9X3QMEM2\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.05.20 18:16:45 | 000,000,652 | ---- | M] () -- \Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1FWFJZT\AdLoader[2].htm
[2011.06.06 19:14:55 | 000,001,603 | ---- | M] () -- \Users\Martin\AppData\Roaming\.minecraft\ModLoader.txt
[2011.06.06 19:04:47 | 000,000,299 | ---- | M] () -- \Users\Martin\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.05.13 13:14:10 | 000,000,546 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\jDownloader.lnk
[2012.05.13 13:14:10 | 000,000,830 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\Vr4h.Kr3sTaN.Ski.by.DodgE.of.PowerUploaders.part1.rar.lnk
[2011.07.03 18:16:22 | 000,000,044 | ---- | M] () -- \Users\Martin\AppData\Roaming\Youtube Downloader HD\YouTubeDownloaderHD.ini
[2011.07.03 15:09:46 | 000,000,759 | ---- | M] () -- \Users\Martin\Desktop\Programy\Youtube Downloader HD.lnk
[2011.02.18 13:03:07 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.07.30 10:06:58 | 000,072,192 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7097808D552E14A34AD60D7F8907C917\9.0.30729\FL_coloader80_dll_128691_128691_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2008.07.29 03:43:16 | 000,004,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7097808D552E14A34AD60D7F8907C917\9.0.30729\FL_coloader80_tlb_128927_128927_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.04.28 10:55:06 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.04.28 10:55:06 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.09 22:23:17 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.09 22:23:17 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.09 22:23:17 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.09 22:23:17 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.09 22:23:17 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C8B8CEBD
< End of report >
-------------------------------------------------------------------------------------------------------------------------------
OTL Extras logfile created on: 20.5.2012 17:49:08 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Martin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 43,45% Memory free
7,73 Gb Paging File | 5,47 Gb Available in Paging File | 70,72% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,96 Gb Total Space | 5,22 Gb Free Space | 13,39% Space Free | Partition Type: NTFS
Drive D: | 557,11 Gb Total Space | 100,12 Gb Free Space | 17,97% Space Free | Partition Type: NTFS
Drive F: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Flash\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [printdir] -- %windir%\printdir.bat "%1" ()
Directory [viewdir] -- %windir%\viewdir.bat "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programy\WinAmp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programy\WinAmp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programy\WinAmp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Flash\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [printdir] -- %windir%\printdir.bat "%1" ()
Directory [viewdir] -- %windir%\viewdir.bat "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programy\WinAmp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programy\WinAmp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programy\WinAmp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B29109-8B5C-4969-8154-62DC3FE1FC85}" = rport=138 | protocol=17 | dir=out | app=system |
"{04443512-838E-4E39-BFD8-6E55FA737800}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1B990E7A-A6BA-47FB-8C9A-EBB628B8A652}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CBA4478-7C4D-4620-89ED-620FA1C78973}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1CDB96BA-3E08-4201-9F7D-D7F2D955AC83}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2842D101-D983-4EA5-B1A1-C61DD448BE2B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{28D87D50-0E8B-4ADE-933F-F01D7C62F49E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29A41938-DE01-46C6-AFA4-859DA5F76800}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BA43AFD-0306-4942-B59F-51D4AD22CFE7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2CF51EDA-0C3C-4681-8C39-DF749B9515E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{456A079A-D3ED-4810-A18B-7BB2994C76B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4762DDB6-B6A2-4D0D-8D89-FD062C7A2356}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{480781BD-C5A4-4650-B553-86A3FE9078F5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5C675E5A-4C2B-4D1E-AC8C-EAD121ED845F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{60D4555A-7E50-40E5-93C1-9FC6EEDAE20D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9489F94F-1E54-4D4E-A711-DAB4CB2E92DC}" = rport=139 | protocol=6 | dir=out | app=system |
"{9C0F888B-9888-45C2-BF80-6E68013AD81F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A2085F16-57CB-4C6F-B281-2B671E4369F4}" = lport=137 | protocol=17 | dir=in | app=system |
"{A3E46705-635D-4A09-BCC7-1D17BFD35C10}" = lport=445 | protocol=6 | dir=in | app=system |
"{A5938E08-7141-4E2F-A244-1A843EB25CBD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCC14641-8007-4116-B5B2-92CA9E4F60D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{D1692F41-EF2D-4A0D-86A6-6B328002DDCB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E6ECF42A-5A9B-4560-A51A-1CE7C8E0D5FE}" = lport=139 | protocol=6 | dir=in | app=system |
"{E84BAF98-77A5-452F-B947-F00FCA8B69E8}" = rport=445 | protocol=6 | dir=out | app=system |
"{F22074B5-39FD-42FE-AEF2-5F64880BA1E6}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EDFF5A-93E7-43A7-9450-C26197A2E77B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08AA7412-B36F-402C-B574-B3101143BC8F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{092FFA88-893E-45A6-9655-7C5C13517714}" = protocol=6 | dir=in | app=d:\programy\bittorrent\bittorrent.exe |
"{0CBF3C7D-1EB1-4247-B644-456189E87B00}" = protocol=6 | dir=in | app=d:\programy\sibelius 6\regtool.exe |
"{10C0CF91-DCE8-4B13-AA2F-F7D3EE99716E}" = protocol=6 | dir=in | app=d:\programy\steam\steam.exe |
"{10C37021-5301-4006-89F7-CC6322618192}" = protocol=6 | dir=in | app=d:\programy\sibelius 6\sibelius.exe |
"{1AB9E566-8FA6-4E28-BF04-A253FEB1FE31}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2170658C-D6D4-4EC6-BF52-3A225CED9A35}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{22733CD6-9249-4FB8-AFBD-FF92BB7BD775}" = protocol=17 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"{2487BC95-F0FD-4A80-ABAC-9B14B35191EF}" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\common\puzzle pirates\java_vm\bin\javaw.exe |
"{2F8C5705-E9EF-4676-AA1A-0E7947D986DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3041BE6F-7305-45AB-8FE0-081CCF4526D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30CB41BF-A94C-4363-9E8B-BE5CE4EB456A}" = protocol=17 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4x.exe |
"{31EA6B94-93B4-4B66-BD61-4469E6C69316}" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{33D6C40D-B5F3-430A-846C-5F8AB9785DA3}" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\common\puzzle pirates\java_vm\bin\javaw.exe |
"{3784B596-D52B-4207-BDCF-DE0257B22781}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{398ED138-94DE-462B-9538-1C602F81E63A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39B8B8FA-EEFD-4A6A-B345-99BD4AF0ED83}" = protocol=17 | dir=in | app=d:\programy\mathematica\mathkernel.exe |
"{3CA340B9-B0FA-46C5-AC73-7C1C5C9902A3}" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{3D12DF1A-CA98-4606-BA3E-D29CE815B1CE}" = protocol=6 | dir=out | app=system |
"{4259F421-BF07-48FA-A323-7AF3DB2AAFA3}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{45D1E560-9894-4972-B780-8C0AD15FD12C}" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{49B4861E-B145-4E2C-9E72-C63EA7D208DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4D41F629-B1B3-46D5-A947-0FC62F964027}" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{4F1E2072-09BF-4752-894B-6128B6DF4BEC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5288BF0B-FCDB-4B01-A429-404BC7308B1B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5351F5C6-F3DB-45D2-8F2A-71F27876BAB1}" = protocol=6 | dir=in | app=d:\programy\winamp\winamp.exe |
"{59993F59-ACE2-48F1-8D32-BF94830889FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59FB99EE-7060-4C21-AB4E-C926433BC089}" = protocol=6 | dir=in | app=d:\programy\mathematica\mathkernel.exe |
"{61F35DD9-CA53-40C0-8E4F-F2C4F18AEA6C}" = protocol=6 | dir=in | app=d:\programy\mathematica\math.exe |
"{6264C93A-C19B-4B0F-85C9-5CC5755C8FA7}" = protocol=6 | dir=in | app=d:\hry\state of war\state of war.exe |
"{65F5E362-F836-4272-90CA-89AEB56E9199}" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{683605E8-03CC-4918-8192-AAB56149A17D}" = protocol=6 | dir=in | app=d:\programy\mathematica\mathematica.exe |
"{7068D261-E194-4CDD-9168-2275FE46411D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{718CDEB8-ECA8-4091-AF0C-780B8D3E928A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7A9BF3CA-47B5-45F0-8B5F-A2B15696A78B}" = protocol=17 | dir=in | app=d:\programy\winamp\winamp.exe |
"{7D1AE864-E861-4640-915C-A92B543013CB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7DCC8BA4-E36E-49F3-82AA-EF789033C572}" = protocol=17 | dir=in | app=d:\programy\sibelius 6\sibelius.exe |
"{84FD46E7-E300-40A2-9772-7F07AD2253EE}" = protocol=6 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"{86E24603-9689-4E7A-98E2-0F93CA3C5BA6}" = protocol=17 | dir=in | app=d:\programy\mathematica\mathematica.exe |
"{892B13BC-EB4A-492E-953A-DBBC5135A2CA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8B9709C6-1CB1-4D00-A77A-2D15A8529875}" = protocol=17 | dir=in | app=d:\programy\bittorrent\bittorrent.exe |
"{9430875C-9595-4181-88D1-B386140F072E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9548B0A1-9006-45D7-99D0-097AB43E09EA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9A052089-B424-445C-BE24-81851BFA3064}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9C55D012-1E46-4908-86F7-9BB709D0085C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FA5CA1D-8812-4FF6-B688-8BBC66C426A1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A82B4551-3DEA-43A4-A29D-EC532AC09884}" = protocol=6 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4xdedicatedserver.exe |
"{ABD42426-2991-44A8-B87C-10E7015C34DF}" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{B36236DE-8F2F-4453-8E84-C0200D23D232}" = protocol=17 | dir=in | app=d:\programy\steam\steam.exe |
"{B400D021-FB61-434D-AB61-766EFE1C9CB1}" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{BA720EED-1F77-4B2A-B63A-FAAE1F186C67}" = protocol=17 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4xdedicatedserver.exe |
"{BB2258E0-A154-4891-A4D9-8D4940A04BA1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C118D768-7A45-4A37-8336-38A86FE130F2}" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{C6C273C1-BCFC-4337-BA38-C636877C334B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C6E1AE35-CF2A-4D8B-BA5F-8B0E42E49C1B}" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{CF017354-31D7-4B71-8C61-6480FB834684}" = protocol=17 | dir=in | app=d:\hry\state of war\state of war.exe |
"{DDA5CC8C-A32D-4719-8701-247A118C86F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2A0466F-29A1-4F49-A980-01417C49F286}" = protocol=17 | dir=in | app=d:\programy\mathematica\math.exe |
"{EB20A68B-BCED-403F-8B7F-50D662EFA792}" = protocol=17 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"{EB37583C-DB18-47B1-A448-9AED63502035}" = protocol=6 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"{EFEF3E76-E1B7-4511-919D-8721ED948172}" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{F3A971FA-5E6A-44AA-9621-E3AA93396CDC}" = protocol=17 | dir=in | app=d:\programy\sibelius 6\regtool.exe |
"{FE13D96B-1F92-4C46-B63C-2653EF8C371F}" = protocol=6 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4x.exe |
"TCP Query User{0070B4F3-0293-425A-82D6-32AECAC145CF}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=6 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"TCP Query User{00E5C731-C3A2-4FD7-9EA5-AF5D59F18D0A}D:\hry\openttd\openttd.exe" = protocol=6 | dir=in | app=d:\hry\openttd\openttd.exe |
"TCP Query User{0827512B-5A5D-4BAB-BFBD-93C085F78917}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"TCP Query User{1896D9C3-4A51-472A-BFD1-29E7B8EE1846}D:\hry\starcraft\starcraft.exe" = protocol=6 | dir=in | app=d:\hry\starcraft\starcraft.exe |
"TCP Query User{2081A883-2925-4159-9D2A-E7C7AFD6B288}D:\programy\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda\miranda32.exe |
"TCP Query User{245E6D7F-5811-45AB-AC12-7631FD13EDC8}D:\hry\state of war\state of war.exe" = protocol=6 | dir=in | app=d:\hry\state of war\state of war.exe |
"TCP Query User{2540EC23-3DF3-492D-A1B5-3CF48CB56844}D:\hry\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\hry\warcraft iii\war3.exe |
"TCP Query User{27088BF9-E567-48E7-A3F3-7D649B413FAA}D:\hry\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"TCP Query User{3492E0AE-DC0D-446C-B65D-131D6A43EE96}D:\hry\total annihilation\totala.exe" = protocol=6 | dir=in | app=d:\hry\total annihilation\totala.exe |
"TCP Query User{4784D505-E012-4C1E-83A4-DA8D5A2C4F0F}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{50FCBB40-FA16-4365-BC88-166DC1A49F11}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{628D305A-EE16-427F-93F7-1978327E657F}D:\programy\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programy\winamp\winamp.exe |
"TCP Query User{65CBC106-D7FF-4881-A73A-D82C4B2F83B2}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"TCP Query User{6806EFFE-A642-4900-8AA3-16B6104A1A30}D:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe" = protocol=6 | dir=in | app=d:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe |
"TCP Query User{6AD7B836-CA4F-41A4-8C49-D7EC04AED1F6}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=6 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"TCP Query User{6B079DEF-8A84-432A-AD66-09F42E60440F}D:\hry\diablo ii\game.exe" = protocol=6 | dir=in | app=d:\hry\diablo ii\game.exe |
"TCP Query User{77188CEE-3D20-44E7-A59A-5891B0162414}D:\programy\java\jdk1.6.0_24\bin\java.exe" = protocol=6 | dir=in | app=d:\programy\java\jdk1.6.0_24\bin\java.exe |
"TCP Query User{91920AC1-6C05-4851-B8C0-226F4C754170}D:\hry\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\hry\stronghold crusader\stronghold crusader.exe |
"TCP Query User{99CB5477-61FE-4751-81F7-C726DE62313C}D:\programy\garena\garena.exe" = protocol=6 | dir=in | app=d:\programy\garena\garena.exe |
"TCP Query User{9BB24295-368A-447D-850E-1B34AF66F599}D:\programy\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"TCP Query User{A5F61998-AF85-43F5-96F2-E2FCE12F3FB5}D:\hry\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"TCP Query User{A7606E40-8352-4AC5-BD66-FEBB3309F758}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{B693794D-7CA1-4651-97AC-B1E93E31CD03}D:\hry\age of empires 2\age2_x1.exe" = protocol=6 | dir=in | app=d:\hry\age of empires 2\age2_x1.exe |
"TCP Query User{BAA12F90-D38B-4755-A577-57F06D284EFA}D:\hry\age of empires 2\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"TCP Query User{BC6BE18C-EE41-4D8F-8A83-A0D17C807FF8}D:\hry\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"TCP Query User{C00E1914-C49C-487A-9157-69F50FC7539C}D:\programy\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda\miranda32.exe |
"TCP Query User{C702D934-7094-48FF-9129-B42C28001971}D:\Programy\Flash\Adobe Flash CS5.5\Flash.exe" = protocol=6 | dir=in | app=d:\programy\flash\adobe flash cs5.5\flash.exe |
"TCP Query User{CEF578F0-03F9-4CBF-864C-7256DDDFEE56}D:\programy\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"TCP Query User{D5A09D8B-0E3B-470A-AC84-22AC86E67B7D}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{E152494C-4825-4A3D-A0FA-CE438196F1C8}D:\hry\age of empires 2\empires2.exe" = protocol=6 | dir=in | app=d:\hry\age of empires 2\empires2.exe |
"TCP Query User{EA0CDC91-EF6B-465E-971D-DB88C0D38D2B}D:\programy\netbeans 7.1\bin\netbeans.exe" = protocol=6 | dir=in | app=d:\programy\netbeans 7.1\bin\netbeans.exe |
"UDP Query User{033772A8-0758-4F51-853E-14B075439F5A}D:\hry\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"UDP Query User{07252B11-4FEE-4EBC-88D8-A0F4B38A5A1D}D:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe" = protocol=17 | dir=in | app=d:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe |
"UDP Query User{113415BA-318E-4DD3-8D64-7E30DC626F3A}D:\programy\netbeans 7.1\bin\netbeans.exe" = protocol=17 | dir=in | app=d:\programy\netbeans 7.1\bin\netbeans.exe |
"UDP Query User{15D61D20-B41F-4AF7-8D33-3A9BE74D6094}D:\hry\diablo ii\game.exe" = protocol=17 | dir=in | app=d:\hry\diablo ii\game.exe |
"UDP Query User{1C0FC63C-03FA-45E4-BA26-6153BA62994A}D:\programy\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"UDP Query User{2EB23891-2AAD-430D-B0DE-8677336D4BF0}D:\hry\state of war\state of war.exe" = protocol=17 | dir=in | app=d:\hry\state of war\state of war.exe |
"UDP Query User{2F81EF0B-3DD1-4231-8237-951A3F894C06}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"UDP Query User{42F5C8A4-717B-42A5-A79A-7C8679DF1BC3}D:\hry\total annihilation\totala.exe" = protocol=17 | dir=in | app=d:\hry\total annihilation\totala.exe |
"UDP Query User{4C028A09-D0C1-4CFE-904B-7224BFC0E224}D:\hry\starcraft\starcraft.exe" = protocol=17 | dir=in | app=d:\hry\starcraft\starcraft.exe |
"UDP Query User{51A323D5-6060-4223-AC84-2891AC4548DB}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=17 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"UDP Query User{5652E5B0-A968-4830-965B-01C1C2FBE257}D:\hry\age of empires 2\age2_x1.exe" = protocol=17 | dir=in | app=d:\hry\age of empires 2\age2_x1.exe |
"UDP Query User{61D6B351-5C35-4E93-ACA6-E2E871A8D585}D:\hry\age of empires 2\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"UDP Query User{6D84041B-05D6-416B-B98C-9E3C7D4EC4AA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{754E56FE-39FE-421D-BF81-BD5808218C8C}D:\hry\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"UDP Query User{76CC4662-8042-466A-B5B2-CB2B26ED6FDE}D:\programy\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programy\winamp\winamp.exe |
"UDP Query User{7BCC426E-595A-46B9-A61D-2A1E458EF4D3}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=17 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"UDP Query User{7F08C231-D372-4233-969E-045EFFD102E6}D:\hry\openttd\openttd.exe" = protocol=17 | dir=in | app=d:\hry\openttd\openttd.exe |
"UDP Query User{8BD80F93-83EF-485B-958D-BDA4DD2434FD}D:\Programy\Flash\Adobe Flash CS5.5\Flash.exe" = protocol=17 | dir=in | app=d:\programy\flash\adobe flash cs5.5\flash.exe |
"UDP Query User{8EEDC89C-EFF6-4F5F-A186-66FA829229BB}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{920598BA-2393-487E-97C0-9430140A4F2B}D:\programy\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda\miranda32.exe |
"UDP Query User{9A619C42-D095-4471-8B36-408B3E03A499}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{9BE07DA5-0B83-4344-B304-3BC050335F27}D:\programy\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda\miranda32.exe |
"UDP Query User{A4765EB6-E362-41B0-B1CD-4CD546D4F0F1}D:\hry\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\hry\warcraft iii\war3.exe |
"UDP Query User{C495D94A-A5D4-418F-93CC-B13F1EA92E8C}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"UDP Query User{CB06A447-71BC-49F4-A3AC-ACC4C648C3D7}D:\hry\age of empires 2\empires2.exe" = protocol=17 | dir=in | app=d:\hry\age of empires 2\empires2.exe |
"UDP Query User{D150FE6B-42D8-42AC-9267-DF280CEC33C9}D:\programy\garena\garena.exe" = protocol=17 | dir=in | app=d:\programy\garena\garena.exe |
"UDP Query User{D644AC96-CE72-41EE-81B5-03F4D5DE981B}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{DEC33CE8-2FBB-48C7-9D69-AC6B2822E7E4}D:\programy\java\jdk1.6.0_24\bin\java.exe" = protocol=17 | dir=in | app=d:\programy\java\jdk1.6.0_24\bin\java.exe |
"UDP Query User{E5995CB3-6924-4A02-A227-B4E2BC363C6B}D:\hry\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\hry\stronghold crusader\stronghold crusader.exe |
"UDP Query User{EAB7D297-25C4-4BB5-BEFD-7DB48E176D4C}D:\hry\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"UDP Query User{F9591074-5FE7-4490-B309-FCFFF42DA88F}D:\programy\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda im\miranda32.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{64A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24 (64-bit)
"{7B02BD23-7843-4481-5778-B20110993E0D}" = WMV9/VC-1 Video Playback
"{7DE223C2-C857-44E5-9311-67AA5731B39B}" = Melodyne Runtime 4.0 (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Free Hex Editor Neo 4.96
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B1F3524F-1F3B-4B79-0346-38669CD828C8}" = ccc-utility64
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C32A0C11-B1A1-4ABC-8C1E-C1E2E3936D26}" = TortoiseSVN 1.7.5.22551 (64 bit)
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FDAA17FB-9CDD-AA3B-ED37-FA6F0C052123}" = ATI Catalyst Install Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"A-WIN-Extras 8.0.1 2063897_is1" = Mathematica Extras 8.0 (2063897)
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1218
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"File Shredder_is1" = File Shredder 2.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"M-WIN-L 8.0.1 2063990_is1" = Wolfram Mathematica 8 (M-WIN-L 8.0.1 2063990)
"R for Windows 2.15.0_is1" = R for Windows 2.15.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 beta 4 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{103B6835-DCA0-413F-A99E-ECAD6622726E}" = Aliens versus Predator 2: Primal Hunt
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{1164B166-AE7D-4CD2-B641-E30A9A7AC992}" = Mobile Broadband drivers
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16DF894D-FC3F-4B87-908D-671E201CD7A8}" = Melodyne singletrack
"{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}" = Sibelius 6
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C99893D-BC98-4456-AA3E-B67AB42301A6}" = E-MU USB Audio
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCC8C70-66B9-420D-942C-2C2A8441C744}" = Imperial Glory
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{2222706F-666A-4037-7777-202328764D10}" = JavaFX 2.0.2 SDK
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{23E445D5-FD83-4C50-A211-EB26A2975317}" = Adobe Flash Professional CS5.5
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{2A00CD93-492D-0B32-C144-A8B9792CCE3E}" = Catalyst Control Center Localization All
"{32A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java(TM) SE Development Kit 7 Update 2
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}" = Aliens vs. Predator 2
"{41357C72-23AD-440C-9538-3350AF076253}" = calibre
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52F8811F-2BA4-F47F-600C-8C93C94E93DD}" = Catalyst Control Center InstallProxy
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BC352F2-A0F5-5162-B519-ADCD72761DCE}" = ccc-core-static
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galaktická dobrodružství
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{655CD886-3B90-4E4D-B314-92BDA9B08C86}" = Vegas Movie Studio HD 9.0
"{67C9B2A9-6F22-610C-BFC8-B8F0B199ABEA}" = PX Profile Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{818E0212-DA58-E255-00D2-4C22D50A12F2}" = CCC Help English
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95587AD6-8953-3288-49A1-4BBD8655E94D}" = Catalyst Control Center Graphics Previews Common
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B1AD83A0-DC92-41E3-B111-E9472349768C}" = RollerCoaster Tycoon 2: Wacky Worlds
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}" = RollerCoaster Tycoon 2: Time Twister
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Balíček strašidelných a roztomilých doplňků
"{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}" = Enterprise Architect 8
"{CED3B64B-9381-4AB8-A213-6C084C952E43}" = Zamzom Wireless
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0A4913F-46A5-48F2-BC73-EE41A6C81EB3}" = Microsoft DirectX SDK (August 2007)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FC9B811E-39BC-4813-9E29-B83CCF700010}" = 1.3M WebCam
"{FD207C2C-A7FF-332A-AC85-5A5ACED6F31B}" = Google Talk Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"123 AVI to GIF Converter_is1" = 123 AVI to GIF Converter 3.0
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Age Of Empires 2 & The Conquerors Expansion - Full Game" = Age Of Empires 2 & The Conquerors Expansion - Full Game
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"avast" = avast! Free Antivirus
"Battle.net" = Battle.net
"BigTick_Rainbow2_is1" = Rainbow Synth Version 2.5
"BitTorrent" = BitTorrent
"Cisco Packet Tracer 5.3.1_is1" = Cisco Packet Tracer 5.3.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-06-26
"Debut" = Debut Video Capture Software
"Diablo" = Diablo
"DivX Setup.divx.com" = DivX Setup
"EasyBCD" = EasyBCD 2.0
"eLicenser Control" = eLicenser Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fast AVI to GIF Converter" = Fast AVI to GIF Converter
"Garena" = Garena 2010
"Garritan Personal Orchestra" = Garritan Personal Orchestra
"Google Chrome" = Google Chrome
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Guitar Pro 5_is1" = Guitar Pro 5.2
"htmltads.exe" = HTML TADS Player Kit
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Icewind Dale II_is1" = Icewind Dale II
"I-Doser" = I-Doser Premium
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = SWAT 4 - The Stetchkov Syndicate
"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"IrfanView" = IrfanView (remove only)
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LastFM_is1" = Last.fm 1.5.4.27091
"Legend of Grimrock_is1" = Legend of Grimrock
"Live 6.0.10" = Live 6.0.10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.61.0.1400
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"Miranda IM" = Miranda IM 0.9.17
"mIRC" = mIRC
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nbi-nb-base-6.9.1.0.0" = NetBeans IDE 6.9.1
"nbi-nb-base-7.1.0.0.0" = NetBeans IDE 7.1
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"Open Video Converter_is1" = Open Video Converter version 3.0.3
"PFConfig" = PFConfig 1.0.296
"Planescape Torment_is1" = Planescape Torment
"Prototyper Free 1.0.0" = Prototyper Free 1.0.0
"PSPad editor_is1" = PSPad editor
"ReadManiac_is1" = ReadManiac 2.6 beta 13
"Shadow Warrior v1.2" = Shadow Warrior v1.2
"Sierra Utilities" = Sierra Utilities
"SONARLE_x64_is1" = SONAR 6 LE
"ST5UNST #1" = ENIGMA
"ST5UNST #2" = Enigma Codebook Tool
"Starcraft" = Starcraft
"Steam App 200210" = Realm of the Mad God
"Steam App 440" = Team Fortress 2
"Steam App 99910" = Puzzle Pirates
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Total Annihilation" = Total Annihilation
"VLC media player" = VLC media player 1.1.6
"Winamp" = Winamp
"Wubi" = Ubuntu
"Xilinx ISE 9.2i" = Xilinx ISE 9.2i
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"4B02278E7A15F146228904FEED40A7DA3E2C1164" = Progress Bar for Microsoft PowerPoint
"Battle for Wesnoth 1.10.2" = Battle for Wesnoth 1.10.2
"DigiSigner" = DigiSigner
"Dropbox" = Dropbox
"GameRanger" = GameRanger
"Winamp Detect" = Winamp Detector Plug-in
"WinImage" = WinImage
"Yume Nikki 0.10 English v3" = Yume Nikki 0.10 English v3
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.05.09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) MD5=A7F80FD4BA188EE39735FFA90D338ABA -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.20 17:51:48 | 000,000,512 | ---- | M] () MD5=9235D9DD2A3FB73E046F175534F8669E -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.02.23 19:32:05 | 000,001,094 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Registration.lnk
[2011.02.23 19:32:04 | 000,001,084 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Wizard.lnk
[2011.02.23 19:32:04 | 000,001,090 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker.lnk
[2011.02.23 19:32:05 | 000,001,094 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Registration.lnk
[2011.02.23 19:32:04 | 000,001,084 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Wizard.lnk
[2011.02.23 19:32:04 | 000,001,090 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker.lnk
< *keygen* /s >
[2012.05.18 13:56:09 | 000,000,585 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\keygen.rar.lnk
< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.tlb
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2011.06.09 02:28:44 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2011.06.09 02:28:44 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.11.08 21:03:14 | 000,013,211 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.ErrorNotification.html
[2011.11.08 21:03:30 | 000,020,432 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.html
[2011.11.08 21:03:14 | 000,006,597 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.PreloaderNotification.html
[2011.11.08 21:03:28 | 000,010,567 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.ProgressNotification.html
[2011.11.08 21:03:10 | 000,015,082 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.html
[2011.11.08 21:03:30 | 000,014,414 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.Type.html
[2011.11.08 21:03:34 | 000,006,842 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.ErrorNotification.html
[2011.11.08 21:03:12 | 000,004,449 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.html
[2011.11.08 21:03:20 | 000,009,261 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.PreloaderNotification.html
[2011.11.08 21:03:26 | 000,006,893 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.ProgressNotification.html
[2011.11.08 21:03:42 | 000,006,977 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.html
[2011.11.08 21:03:32 | 000,011,165 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.Type.html
[2011.11.08 21:03:10 | 000,010,377 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.Attribute.html
[2011.11.08 21:03:34 | 000,012,768 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ControllerMethodEventHandler.html
[2011.11.08 21:03:30 | 000,014,222 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.CopyElement.html
[2011.11.08 21:03:38 | 000,011,488 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.DefineElement.html
[2011.11.08 21:03:34 | 000,020,205 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.Element.html
[2011.11.08 21:03:16 | 000,014,212 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ExpressionTargetMapping.html
[2011.11.08 21:03:10 | 000,044,046 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.html
[2011.11.08 21:03:34 | 000,014,967 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.IncludeElement.html
[2011.11.08 21:03:44 | 000,016,588 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.InstanceDeclarationElement.html
[2011.11.08 21:03:24 | 000,013,878 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyChangeListener.html
[2011.11.08 21:03:36 | 000,015,658 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyElement.html
[2011.11.08 21:03:12 | 000,014,271 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ReferenceElement.html
[2011.11.08 21:03:46 | 000,015,319 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptElement.html
[2011.11.08 21:03:42 | 000,012,568 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptEventHandler.html
[2011.11.08 21:03:34 | 000,015,451 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ValueElement.html
[2011.11.08 21:03:32 | 000,008,341 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Attribute.html
[2011.11.08 21:03:44 | 000,004,702 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ControllerMethodEventHandler.html
[2011.11.08 21:03:40 | 000,004,515 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.CopyElement.html
[2011.11.08 21:03:32 | 000,004,537 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.DefineElement.html
[2011.11.08 21:03:10 | 000,006,719 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Element.html
[2011.11.08 21:03:14 | 000,004,647 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ExpressionTargetMapping.html
[2011.11.08 21:03:20 | 000,007,272 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.html
[2011.11.08 21:03:30 | 000,004,548 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.IncludeElement.html
[2011.11.08 21:03:26 | 000,004,680 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.InstanceDeclarationElement.html
[2011.11.08 21:03:28 | 000,004,636 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyChangeListener.html
[2011.11.08 21:03:18 | 000,006,587 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyElement.html
[2011.11.08 21:03:24 | 000,004,570 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ReferenceElement.html
[2011.11.08 21:03:40 | 000,004,537 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptElement.html
[2011.11.08 21:03:12 | 000,004,592 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptEventHandler.html
[2011.11.08 21:03:30 | 000,004,526 | ---- | M] () -- \Program Files (x86)\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ValueElement.html
[2011.06.09 02:28:44 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2011.06.09 02:28:44 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.01.04 22:44:38 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.09.19 20:47:34 | 000,000,765 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011.09.19 20:47:34 | 000,000,750 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.09.19 20:47:34 | 000,000,780 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.07.03 15:09:46 | 000,000,726 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Uninstall Youtube Downloader HD.lnk
[2011.07.03 15:09:46 | 000,000,759 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.09.19 20:47:34 | 000,000,765 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011.09.19 20:47:34 | 000,000,750 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.09.19 20:47:34 | 000,000,780 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.07.03 15:09:46 | 000,000,726 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Uninstall Youtube Downloader HD.lnk
[2011.07.03 15:09:46 | 000,000,759 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.03.17 08:30:06 | 000,000,544 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP7\MovieClipLoader.as
[2011.03.17 08:30:06 | 000,000,544 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP8\MovieClipLoader.as
[2011.03.17 08:30:06 | 000,000,576 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP9\MovieClipLoader.as
[2011.03.17 08:30:08 | 000,010,454 | ---- | M] () -- \Users\Martin\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\mx\controls\Loader.as
[2012.05.11 15:31:37 | 000,010,519 | ---- | M] () -- \Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9X3QMEM2\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.05.20 18:16:45 | 000,000,652 | ---- | M] () -- \Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1FWFJZT\AdLoader[2].htm
[2011.06.06 19:14:55 | 000,001,603 | ---- | M] () -- \Users\Martin\AppData\Roaming\.minecraft\ModLoader.txt
[2011.06.06 19:04:47 | 000,000,299 | ---- | M] () -- \Users\Martin\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.05.13 13:14:10 | 000,000,546 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\jDownloader.lnk
[2012.05.13 13:14:10 | 000,000,830 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\Vr4h.Kr3sTaN.Ski.by.DodgE.of.PowerUploaders.part1.rar.lnk
[2011.07.03 18:16:22 | 000,000,044 | ---- | M] () -- \Users\Martin\AppData\Roaming\Youtube Downloader HD\YouTubeDownloaderHD.ini
[2011.07.03 15:09:46 | 000,000,759 | ---- | M] () -- \Users\Martin\Desktop\Programy\Youtube Downloader HD.lnk
[2011.02.18 13:03:07 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.07.30 10:06:58 | 000,072,192 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7097808D552E14A34AD60D7F8907C917\9.0.30729\FL_coloader80_dll_128691_128691_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2008.07.29 03:43:16 | 000,004,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7097808D552E14A34AD60D7F8907C917\9.0.30729\FL_coloader80_tlb_128927_128927_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.04.28 10:55:06 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.04.28 10:55:06 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.09 22:23:17 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.09 22:23:17 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.09 22:23:17 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.09 22:23:17 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.09 22:23:17 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C8B8CEBD
< End of report >
-------------------------------------------------------------------------------------------------------------------------------
OTL Extras logfile created on: 20.5.2012 17:49:08 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Martin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 43,45% Memory free
7,73 Gb Paging File | 5,47 Gb Available in Paging File | 70,72% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,96 Gb Total Space | 5,22 Gb Free Space | 13,39% Space Free | Partition Type: NTFS
Drive D: | 557,11 Gb Total Space | 100,12 Gb Free Space | 17,97% Space Free | Partition Type: NTFS
Drive F: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Flash\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [printdir] -- %windir%\printdir.bat "%1" ()
Directory [viewdir] -- %windir%\viewdir.bat "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programy\WinAmp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programy\WinAmp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programy\WinAmp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Flash\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [printdir] -- %windir%\printdir.bat "%1" ()
Directory [viewdir] -- %windir%\viewdir.bat "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programy\WinAmp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programy\WinAmp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programy\WinAmp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B29109-8B5C-4969-8154-62DC3FE1FC85}" = rport=138 | protocol=17 | dir=out | app=system |
"{04443512-838E-4E39-BFD8-6E55FA737800}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1B990E7A-A6BA-47FB-8C9A-EBB628B8A652}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CBA4478-7C4D-4620-89ED-620FA1C78973}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1CDB96BA-3E08-4201-9F7D-D7F2D955AC83}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2842D101-D983-4EA5-B1A1-C61DD448BE2B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{28D87D50-0E8B-4ADE-933F-F01D7C62F49E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29A41938-DE01-46C6-AFA4-859DA5F76800}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BA43AFD-0306-4942-B59F-51D4AD22CFE7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2CF51EDA-0C3C-4681-8C39-DF749B9515E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{456A079A-D3ED-4810-A18B-7BB2994C76B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4762DDB6-B6A2-4D0D-8D89-FD062C7A2356}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{480781BD-C5A4-4650-B553-86A3FE9078F5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5C675E5A-4C2B-4D1E-AC8C-EAD121ED845F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{60D4555A-7E50-40E5-93C1-9FC6EEDAE20D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9489F94F-1E54-4D4E-A711-DAB4CB2E92DC}" = rport=139 | protocol=6 | dir=out | app=system |
"{9C0F888B-9888-45C2-BF80-6E68013AD81F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A2085F16-57CB-4C6F-B281-2B671E4369F4}" = lport=137 | protocol=17 | dir=in | app=system |
"{A3E46705-635D-4A09-BCC7-1D17BFD35C10}" = lport=445 | protocol=6 | dir=in | app=system |
"{A5938E08-7141-4E2F-A244-1A843EB25CBD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCC14641-8007-4116-B5B2-92CA9E4F60D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{D1692F41-EF2D-4A0D-86A6-6B328002DDCB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E6ECF42A-5A9B-4560-A51A-1CE7C8E0D5FE}" = lport=139 | protocol=6 | dir=in | app=system |
"{E84BAF98-77A5-452F-B947-F00FCA8B69E8}" = rport=445 | protocol=6 | dir=out | app=system |
"{F22074B5-39FD-42FE-AEF2-5F64880BA1E6}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EDFF5A-93E7-43A7-9450-C26197A2E77B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08AA7412-B36F-402C-B574-B3101143BC8F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{092FFA88-893E-45A6-9655-7C5C13517714}" = protocol=6 | dir=in | app=d:\programy\bittorrent\bittorrent.exe |
"{0CBF3C7D-1EB1-4247-B644-456189E87B00}" = protocol=6 | dir=in | app=d:\programy\sibelius 6\regtool.exe |
"{10C0CF91-DCE8-4B13-AA2F-F7D3EE99716E}" = protocol=6 | dir=in | app=d:\programy\steam\steam.exe |
"{10C37021-5301-4006-89F7-CC6322618192}" = protocol=6 | dir=in | app=d:\programy\sibelius 6\sibelius.exe |
"{1AB9E566-8FA6-4E28-BF04-A253FEB1FE31}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2170658C-D6D4-4EC6-BF52-3A225CED9A35}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{22733CD6-9249-4FB8-AFBD-FF92BB7BD775}" = protocol=17 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"{2487BC95-F0FD-4A80-ABAC-9B14B35191EF}" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\common\puzzle pirates\java_vm\bin\javaw.exe |
"{2F8C5705-E9EF-4676-AA1A-0E7947D986DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3041BE6F-7305-45AB-8FE0-081CCF4526D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30CB41BF-A94C-4363-9E8B-BE5CE4EB456A}" = protocol=17 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4x.exe |
"{31EA6B94-93B4-4B66-BD61-4469E6C69316}" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{33D6C40D-B5F3-430A-846C-5F8AB9785DA3}" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\common\puzzle pirates\java_vm\bin\javaw.exe |
"{3784B596-D52B-4207-BDCF-DE0257B22781}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{398ED138-94DE-462B-9538-1C602F81E63A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39B8B8FA-EEFD-4A6A-B345-99BD4AF0ED83}" = protocol=17 | dir=in | app=d:\programy\mathematica\mathkernel.exe |
"{3CA340B9-B0FA-46C5-AC73-7C1C5C9902A3}" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{3D12DF1A-CA98-4606-BA3E-D29CE815B1CE}" = protocol=6 | dir=out | app=system |
"{4259F421-BF07-48FA-A323-7AF3DB2AAFA3}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{45D1E560-9894-4972-B780-8C0AD15FD12C}" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{49B4861E-B145-4E2C-9E72-C63EA7D208DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4D41F629-B1B3-46D5-A947-0FC62F964027}" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{4F1E2072-09BF-4752-894B-6128B6DF4BEC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5288BF0B-FCDB-4B01-A429-404BC7308B1B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5351F5C6-F3DB-45D2-8F2A-71F27876BAB1}" = protocol=6 | dir=in | app=d:\programy\winamp\winamp.exe |
"{59993F59-ACE2-48F1-8D32-BF94830889FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59FB99EE-7060-4C21-AB4E-C926433BC089}" = protocol=6 | dir=in | app=d:\programy\mathematica\mathkernel.exe |
"{61F35DD9-CA53-40C0-8E4F-F2C4F18AEA6C}" = protocol=6 | dir=in | app=d:\programy\mathematica\math.exe |
"{6264C93A-C19B-4B0F-85C9-5CC5755C8FA7}" = protocol=6 | dir=in | app=d:\hry\state of war\state of war.exe |
"{65F5E362-F836-4272-90CA-89AEB56E9199}" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{683605E8-03CC-4918-8192-AAB56149A17D}" = protocol=6 | dir=in | app=d:\programy\mathematica\mathematica.exe |
"{7068D261-E194-4CDD-9168-2275FE46411D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{718CDEB8-ECA8-4091-AF0C-780B8D3E928A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7A9BF3CA-47B5-45F0-8B5F-A2B15696A78B}" = protocol=17 | dir=in | app=d:\programy\winamp\winamp.exe |
"{7D1AE864-E861-4640-915C-A92B543013CB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7DCC8BA4-E36E-49F3-82AA-EF789033C572}" = protocol=17 | dir=in | app=d:\programy\sibelius 6\sibelius.exe |
"{84FD46E7-E300-40A2-9772-7F07AD2253EE}" = protocol=6 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"{86E24603-9689-4E7A-98E2-0F93CA3C5BA6}" = protocol=17 | dir=in | app=d:\programy\mathematica\mathematica.exe |
"{892B13BC-EB4A-492E-953A-DBBC5135A2CA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8B9709C6-1CB1-4D00-A77A-2D15A8529875}" = protocol=17 | dir=in | app=d:\programy\bittorrent\bittorrent.exe |
"{9430875C-9595-4181-88D1-B386140F072E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9548B0A1-9006-45D7-99D0-097AB43E09EA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9A052089-B424-445C-BE24-81851BFA3064}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9C55D012-1E46-4908-86F7-9BB709D0085C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FA5CA1D-8812-4FF6-B688-8BBC66C426A1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A82B4551-3DEA-43A4-A29D-EC532AC09884}" = protocol=6 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4xdedicatedserver.exe |
"{ABD42426-2991-44A8-B87C-10E7015C34DF}" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{B36236DE-8F2F-4453-8E84-C0200D23D232}" = protocol=17 | dir=in | app=d:\programy\steam\steam.exe |
"{B400D021-FB61-434D-AB61-766EFE1C9CB1}" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{BA720EED-1F77-4B2A-B63A-FAAE1F186C67}" = protocol=17 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4xdedicatedserver.exe |
"{BB2258E0-A154-4891-A4D9-8D4940A04BA1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C118D768-7A45-4A37-8336-38A86FE130F2}" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{C6C273C1-BCFC-4337-BA38-C636877C334B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C6E1AE35-CF2A-4D8B-BA5F-8B0E42E49C1B}" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{CF017354-31D7-4B71-8C61-6480FB834684}" = protocol=17 | dir=in | app=d:\hry\state of war\state of war.exe |
"{DDA5CC8C-A32D-4719-8701-247A118C86F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2A0466F-29A1-4F49-A980-01417C49F286}" = protocol=17 | dir=in | app=d:\programy\mathematica\math.exe |
"{EB20A68B-BCED-403F-8B7F-50D662EFA792}" = protocol=17 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"{EB37583C-DB18-47B1-A448-9AED63502035}" = protocol=6 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"{EFEF3E76-E1B7-4511-919D-8721ED948172}" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{F3A971FA-5E6A-44AA-9621-E3AA93396CDC}" = protocol=17 | dir=in | app=d:\programy\sibelius 6\regtool.exe |
"{FE13D96B-1F92-4C46-B63C-2653EF8C371F}" = protocol=6 | dir=in | app=d:\hry\swat 4\contentexpansion\system\swat4x.exe |
"TCP Query User{0070B4F3-0293-425A-82D6-32AECAC145CF}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=6 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"TCP Query User{00E5C731-C3A2-4FD7-9EA5-AF5D59F18D0A}D:\hry\openttd\openttd.exe" = protocol=6 | dir=in | app=d:\hry\openttd\openttd.exe |
"TCP Query User{0827512B-5A5D-4BAB-BFBD-93C085F78917}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"TCP Query User{1896D9C3-4A51-472A-BFD1-29E7B8EE1846}D:\hry\starcraft\starcraft.exe" = protocol=6 | dir=in | app=d:\hry\starcraft\starcraft.exe |
"TCP Query User{2081A883-2925-4159-9D2A-E7C7AFD6B288}D:\programy\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda\miranda32.exe |
"TCP Query User{245E6D7F-5811-45AB-AC12-7631FD13EDC8}D:\hry\state of war\state of war.exe" = protocol=6 | dir=in | app=d:\hry\state of war\state of war.exe |
"TCP Query User{2540EC23-3DF3-492D-A1B5-3CF48CB56844}D:\hry\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\hry\warcraft iii\war3.exe |
"TCP Query User{27088BF9-E567-48E7-A3F3-7D649B413FAA}D:\hry\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"TCP Query User{3492E0AE-DC0D-446C-B65D-131D6A43EE96}D:\hry\total annihilation\totala.exe" = protocol=6 | dir=in | app=d:\hry\total annihilation\totala.exe |
"TCP Query User{4784D505-E012-4C1E-83A4-DA8D5A2C4F0F}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{50FCBB40-FA16-4365-BC88-166DC1A49F11}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{628D305A-EE16-427F-93F7-1978327E657F}D:\programy\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programy\winamp\winamp.exe |
"TCP Query User{65CBC106-D7FF-4881-A73A-D82C4B2F83B2}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"TCP Query User{6806EFFE-A642-4900-8AA3-16B6104A1A30}D:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe" = protocol=6 | dir=in | app=d:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe |
"TCP Query User{6AD7B836-CA4F-41A4-8C49-D7EC04AED1F6}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=6 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"TCP Query User{6B079DEF-8A84-432A-AD66-09F42E60440F}D:\hry\diablo ii\game.exe" = protocol=6 | dir=in | app=d:\hry\diablo ii\game.exe |
"TCP Query User{77188CEE-3D20-44E7-A59A-5891B0162414}D:\programy\java\jdk1.6.0_24\bin\java.exe" = protocol=6 | dir=in | app=d:\programy\java\jdk1.6.0_24\bin\java.exe |
"TCP Query User{91920AC1-6C05-4851-B8C0-226F4C754170}D:\hry\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\hry\stronghold crusader\stronghold crusader.exe |
"TCP Query User{99CB5477-61FE-4751-81F7-C726DE62313C}D:\programy\garena\garena.exe" = protocol=6 | dir=in | app=d:\programy\garena\garena.exe |
"TCP Query User{9BB24295-368A-447D-850E-1B34AF66F599}D:\programy\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"TCP Query User{A5F61998-AF85-43F5-96F2-E2FCE12F3FB5}D:\hry\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"TCP Query User{A7606E40-8352-4AC5-BD66-FEBB3309F758}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{B693794D-7CA1-4651-97AC-B1E93E31CD03}D:\hry\age of empires 2\age2_x1.exe" = protocol=6 | dir=in | app=d:\hry\age of empires 2\age2_x1.exe |
"TCP Query User{BAA12F90-D38B-4755-A577-57F06D284EFA}D:\hry\age of empires 2\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"TCP Query User{BC6BE18C-EE41-4D8F-8A83-A0D17C807FF8}D:\hry\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"TCP Query User{C00E1914-C49C-487A-9157-69F50FC7539C}D:\programy\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda\miranda32.exe |
"TCP Query User{C702D934-7094-48FF-9129-B42C28001971}D:\Programy\Flash\Adobe Flash CS5.5\Flash.exe" = protocol=6 | dir=in | app=d:\programy\flash\adobe flash cs5.5\flash.exe |
"TCP Query User{CEF578F0-03F9-4CBF-864C-7256DDDFEE56}D:\programy\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"TCP Query User{D5A09D8B-0E3B-470A-AC84-22AC86E67B7D}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{E152494C-4825-4A3D-A0FA-CE438196F1C8}D:\hry\age of empires 2\empires2.exe" = protocol=6 | dir=in | app=d:\hry\age of empires 2\empires2.exe |
"TCP Query User{EA0CDC91-EF6B-465E-971D-DB88C0D38D2B}D:\programy\netbeans 7.1\bin\netbeans.exe" = protocol=6 | dir=in | app=d:\programy\netbeans 7.1\bin\netbeans.exe |
"UDP Query User{033772A8-0758-4F51-853E-14B075439F5A}D:\hry\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"UDP Query User{07252B11-4FEE-4EBC-88D8-A0F4B38A5A1D}D:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe" = protocol=17 | dir=in | app=d:\programy\cisco packet tracer 5.3.1\bin\packettracer5.exe |
"UDP Query User{113415BA-318E-4DD3-8D64-7E30DC626F3A}D:\programy\netbeans 7.1\bin\netbeans.exe" = protocol=17 | dir=in | app=d:\programy\netbeans 7.1\bin\netbeans.exe |
"UDP Query User{15D61D20-B41F-4AF7-8D33-3A9BE74D6094}D:\hry\diablo ii\game.exe" = protocol=17 | dir=in | app=d:\hry\diablo ii\game.exe |
"UDP Query User{1C0FC63C-03FA-45E4-BA26-6153BA62994A}D:\programy\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"UDP Query User{2EB23891-2AAD-430D-B0DE-8677336D4BF0}D:\hry\state of war\state of war.exe" = protocol=17 | dir=in | app=d:\hry\state of war\state of war.exe |
"UDP Query User{2F81EF0B-3DD1-4231-8237-951A3F894C06}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"UDP Query User{42F5C8A4-717B-42A5-A79A-7C8679DF1BC3}D:\hry\total annihilation\totala.exe" = protocol=17 | dir=in | app=d:\hry\total annihilation\totala.exe |
"UDP Query User{4C028A09-D0C1-4CFE-904B-7224BFC0E224}D:\hry\starcraft\starcraft.exe" = protocol=17 | dir=in | app=d:\hry\starcraft\starcraft.exe |
"UDP Query User{51A323D5-6060-4223-AC84-2891AC4548DB}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=17 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"UDP Query User{5652E5B0-A968-4830-965B-01C1C2FBE257}D:\hry\age of empires 2\age2_x1.exe" = protocol=17 | dir=in | app=d:\hry\age of empires 2\age2_x1.exe |
"UDP Query User{61D6B351-5C35-4E93-ACA6-E2E871A8D585}D:\hry\age of empires 2\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=d:\hry\age of empires 2\age2_x1\age2_x1.exe |
"UDP Query User{6D84041B-05D6-416B-B98C-9E3C7D4EC4AA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{754E56FE-39FE-421D-BF81-BD5808218C8C}D:\hry\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world of tanks\worldoftanks.exe |
"UDP Query User{76CC4662-8042-466A-B5B2-CB2B26ED6FDE}D:\programy\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programy\winamp\winamp.exe |
"UDP Query User{7BCC426E-595A-46B9-A61D-2A1E458EF4D3}D:\programy\java\jdk1.7.0_02\bin\java.exe" = protocol=17 | dir=in | app=d:\programy\java\jdk1.7.0_02\bin\java.exe |
"UDP Query User{7F08C231-D372-4233-969E-045EFFD102E6}D:\hry\openttd\openttd.exe" = protocol=17 | dir=in | app=d:\hry\openttd\openttd.exe |
"UDP Query User{8BD80F93-83EF-485B-958D-BDA4DD2434FD}D:\Programy\Flash\Adobe Flash CS5.5\Flash.exe" = protocol=17 | dir=in | app=d:\programy\flash\adobe flash cs5.5\flash.exe |
"UDP Query User{8EEDC89C-EFF6-4F5F-A186-66FA829229BB}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{920598BA-2393-487E-97C0-9430140A4F2B}D:\programy\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda\miranda32.exe |
"UDP Query User{9A619C42-D095-4471-8B36-408B3E03A499}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{9BE07DA5-0B83-4344-B304-3BC050335F27}D:\programy\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda\miranda32.exe |
"UDP Query User{A4765EB6-E362-41B0-B1CD-4CD546D4F0F1}D:\hry\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\hry\warcraft iii\war3.exe |
"UDP Query User{C495D94A-A5D4-418F-93CC-B13F1EA92E8C}D:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\kenor_\team fortress 2\hl2.exe |
"UDP Query User{CB06A447-71BC-49F4-A3AC-ACC4C648C3D7}D:\hry\age of empires 2\empires2.exe" = protocol=17 | dir=in | app=d:\hry\age of empires 2\empires2.exe |
"UDP Query User{D150FE6B-42D8-42AC-9267-DF280CEC33C9}D:\programy\garena\garena.exe" = protocol=17 | dir=in | app=d:\programy\garena\garena.exe |
"UDP Query User{D644AC96-CE72-41EE-81B5-03F4D5DE981B}C:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{DEC33CE8-2FBB-48C7-9D69-AC6B2822E7E4}D:\programy\java\jdk1.6.0_24\bin\java.exe" = protocol=17 | dir=in | app=d:\programy\java\jdk1.6.0_24\bin\java.exe |
"UDP Query User{E5995CB3-6924-4A02-A227-B4E2BC363C6B}D:\hry\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\hry\stronghold crusader\stronghold crusader.exe |
"UDP Query User{EAB7D297-25C4-4BB5-BEFD-7DB48E176D4C}D:\hry\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\hry\world of tanks\wotlauncher.exe |
"UDP Query User{F9591074-5FE7-4490-B309-FCFFF42DA88F}D:\programy\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda im\miranda32.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{64A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24 (64-bit)
"{7B02BD23-7843-4481-5778-B20110993E0D}" = WMV9/VC-1 Video Playback
"{7DE223C2-C857-44E5-9311-67AA5731B39B}" = Melodyne Runtime 4.0 (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Free Hex Editor Neo 4.96
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B1F3524F-1F3B-4B79-0346-38669CD828C8}" = ccc-utility64
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C32A0C11-B1A1-4ABC-8C1E-C1E2E3936D26}" = TortoiseSVN 1.7.5.22551 (64 bit)
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FDAA17FB-9CDD-AA3B-ED37-FA6F0C052123}" = ATI Catalyst Install Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"A-WIN-Extras 8.0.1 2063897_is1" = Mathematica Extras 8.0 (2063897)
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1218
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"File Shredder_is1" = File Shredder 2.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"M-WIN-L 8.0.1 2063990_is1" = Wolfram Mathematica 8 (M-WIN-L 8.0.1 2063990)
"R for Windows 2.15.0_is1" = R for Windows 2.15.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 beta 4 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{103B6835-DCA0-413F-A99E-ECAD6622726E}" = Aliens versus Predator 2: Primal Hunt
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{1164B166-AE7D-4CD2-B641-E30A9A7AC992}" = Mobile Broadband drivers
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16DF894D-FC3F-4B87-908D-671E201CD7A8}" = Melodyne singletrack
"{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}" = Sibelius 6
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C99893D-BC98-4456-AA3E-B67AB42301A6}" = E-MU USB Audio
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCC8C70-66B9-420D-942C-2C2A8441C744}" = Imperial Glory
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{2222706F-666A-4037-7777-202328764D10}" = JavaFX 2.0.2 SDK
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{23E445D5-FD83-4C50-A211-EB26A2975317}" = Adobe Flash Professional CS5.5
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{2A00CD93-492D-0B32-C144-A8B9792CCE3E}" = Catalyst Control Center Localization All
"{32A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java(TM) SE Development Kit 7 Update 2
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}" = Aliens vs. Predator 2
"{41357C72-23AD-440C-9538-3350AF076253}" = calibre
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52F8811F-2BA4-F47F-600C-8C93C94E93DD}" = Catalyst Control Center InstallProxy
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BC352F2-A0F5-5162-B519-ADCD72761DCE}" = ccc-core-static
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galaktická dobrodružství
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{655CD886-3B90-4E4D-B314-92BDA9B08C86}" = Vegas Movie Studio HD 9.0
"{67C9B2A9-6F22-610C-BFC8-B8F0B199ABEA}" = PX Profile Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{818E0212-DA58-E255-00D2-4C22D50A12F2}" = CCC Help English
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95587AD6-8953-3288-49A1-4BBD8655E94D}" = Catalyst Control Center Graphics Previews Common
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B1AD83A0-DC92-41E3-B111-E9472349768C}" = RollerCoaster Tycoon 2: Wacky Worlds
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}" = RollerCoaster Tycoon 2: Time Twister
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Balíček strašidelných a roztomilých doplňků
"{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}" = Enterprise Architect 8
"{CED3B64B-9381-4AB8-A213-6C084C952E43}" = Zamzom Wireless
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0A4913F-46A5-48F2-BC73-EE41A6C81EB3}" = Microsoft DirectX SDK (August 2007)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FC9B811E-39BC-4813-9E29-B83CCF700010}" = 1.3M WebCam
"{FD207C2C-A7FF-332A-AC85-5A5ACED6F31B}" = Google Talk Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"123 AVI to GIF Converter_is1" = 123 AVI to GIF Converter 3.0
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Age Of Empires 2 & The Conquerors Expansion - Full Game" = Age Of Empires 2 & The Conquerors Expansion - Full Game
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"avast" = avast! Free Antivirus
"Battle.net" = Battle.net
"BigTick_Rainbow2_is1" = Rainbow Synth Version 2.5
"BitTorrent" = BitTorrent
"Cisco Packet Tracer 5.3.1_is1" = Cisco Packet Tracer 5.3.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-06-26
"Debut" = Debut Video Capture Software
"Diablo" = Diablo
"DivX Setup.divx.com" = DivX Setup
"EasyBCD" = EasyBCD 2.0
"eLicenser Control" = eLicenser Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fast AVI to GIF Converter" = Fast AVI to GIF Converter
"Garena" = Garena 2010
"Garritan Personal Orchestra" = Garritan Personal Orchestra
"Google Chrome" = Google Chrome
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Guitar Pro 5_is1" = Guitar Pro 5.2
"htmltads.exe" = HTML TADS Player Kit
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Icewind Dale II_is1" = Icewind Dale II
"I-Doser" = I-Doser Premium
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = SWAT 4 - The Stetchkov Syndicate
"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"IrfanView" = IrfanView (remove only)
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LastFM_is1" = Last.fm 1.5.4.27091
"Legend of Grimrock_is1" = Legend of Grimrock
"Live 6.0.10" = Live 6.0.10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.61.0.1400
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"Miranda IM" = Miranda IM 0.9.17
"mIRC" = mIRC
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nbi-nb-base-6.9.1.0.0" = NetBeans IDE 6.9.1
"nbi-nb-base-7.1.0.0.0" = NetBeans IDE 7.1
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"Open Video Converter_is1" = Open Video Converter version 3.0.3
"PFConfig" = PFConfig 1.0.296
"Planescape Torment_is1" = Planescape Torment
"Prototyper Free 1.0.0" = Prototyper Free 1.0.0
"PSPad editor_is1" = PSPad editor
"ReadManiac_is1" = ReadManiac 2.6 beta 13
"Shadow Warrior v1.2" = Shadow Warrior v1.2
"Sierra Utilities" = Sierra Utilities
"SONARLE_x64_is1" = SONAR 6 LE
"ST5UNST #1" = ENIGMA
"ST5UNST #2" = Enigma Codebook Tool
"Starcraft" = Starcraft
"Steam App 200210" = Realm of the Mad God
"Steam App 440" = Team Fortress 2
"Steam App 99910" = Puzzle Pirates
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Total Annihilation" = Total Annihilation
"VLC media player" = VLC media player 1.1.6
"Winamp" = Winamp
"Wubi" = Ubuntu
"Xilinx ISE 9.2i" = Xilinx ISE 9.2i
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"4B02278E7A15F146228904FEED40A7DA3E2C1164" = Progress Bar for Microsoft PowerPoint
"Battle for Wesnoth 1.10.2" = Battle for Wesnoth 1.10.2
"DigiSigner" = DigiSigner
"Dropbox" = Dropbox
"GameRanger" = GameRanger
"Winamp Detect" = Winamp Detector Plug-in
"WinImage" = WinImage
"Yume Nikki 0.10 English v3" = Yume Nikki 0.10 English v3
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Re: Prosím o kontrolu
Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
- Nahrady za Spybota:
- Samozrejme pouzivejte jen jeden z nich
- Osobne doporucuji SuperAntiSpyware
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2490246678-3699060608-628407935-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. O4 - HKU\S-1-5-21-2490246678-3699060608-628407935-1000..\Run: [Windows Updater] C:\Users\Martin\AppData\Roaming\svchost.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O33 - MountPoints2\{1339cf42-3099-11e0-8e71-705ab6da7399}\Shell - "" = AutoRun O33 - MountPoints2\{1339cf43-3099-11e0-8e71-705ab6da7399}\Shell - "" = AutoRun O33 - MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\Shell - "" = AutoRun [8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [13 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] [3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\*.tmp -> ] [1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] [2012.05.20 17:49:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012.05.20 16:58:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.05.20 17:58:12 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012.05.20 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job [2012.05.20 17:20:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=- "AlcoholAutomount"=- "Google Update"=- "Windows Updater"=- "adobeupdater"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] /64 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"=- "Adobe ARM"=- "SunJavaUpdateSched"=- :files C:\Users\Martin\AppData\Roaming\6 5 C:\Users\Martin\AppData\Roaming\svchost.exe c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker /d c:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker /d %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Updater deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1339cf42-3099-11e0-8e71-705ab6da7399}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1339cf42-3099-11e0-8e71-705ab6da7399}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1339cf43-3099-11e0-8e71-705ab6da7399}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1339cf43-3099-11e0-8e71-705ab6da7399}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91096197-5969-11e0-8f57-705ab6da7399}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6EA9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8E76.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA52.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD884.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDCE7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE9E3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF6A2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2CFD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP41B3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7231.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9482.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA92E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAE98.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB30A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB857.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD30B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE659.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFF7.tmp folder deleted successfully.
C:\Windows\Installer\MSI3E8B.tmp deleted successfully.
C:\Windows\Installer\MSI4F47.tmp deleted successfully.
C:\Windows\Installer\MSI9D26.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\BITA8FC.tmp deleted successfully.
C:\Windows\Temp\CR_81E52.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_81E52.tmp folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Updater not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\adobeupdater deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File\Folder C:\Users\Martin\AppData\Roaming\6 5 not found.
File\Folder C:\Users\Martin\AppData\Roaming\svchost.exe not found.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\License Agreement.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Registration.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Wizard.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\Readme.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\Uninstall.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\Äë˙ đóńńęčő.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker folder deleted successfully.
File\Folder c:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Martin
->Temp folder emptied: 74127555 bytes
->Temporary Internet Files folder emptied: 7923159 bytes
->Java cache emptied: 1515125 bytes
->FireFox cache emptied: 625717627 bytes
->Google Chrome cache emptied: 13079516 bytes
->Flash cache emptied: 65374 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30002 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 595456 bytes
Total Files Cleaned = 690,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Martin
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.43.0 log created on 05222012_130807
Files\Folders moved on Reboot...
C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\_avast_\Webshlock.txt not found!
Registry entries deleted on Reboot...
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_USERS\S-1-5-21-2490246678-3699060608-628407935-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Updater deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1339cf42-3099-11e0-8e71-705ab6da7399}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1339cf42-3099-11e0-8e71-705ab6da7399}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1339cf43-3099-11e0-8e71-705ab6da7399}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1339cf43-3099-11e0-8e71-705ab6da7399}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91096197-5969-11e0-8f57-705ab6da7399}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91096197-5969-11e0-8f57-705ab6da7399}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6EA9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8E76.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA52.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD884.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDCE7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE9E3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF6A2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2CFD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP41B3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7231.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9482.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA92E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAE98.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB30A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB857.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD30B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE659.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFF7.tmp folder deleted successfully.
C:\Windows\Installer\MSI3E8B.tmp deleted successfully.
C:\Windows\Installer\MSI4F47.tmp deleted successfully.
C:\Windows\Installer\MSI9D26.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\6385ddda413a972d1b1fff4117b78fb4\BITA8FC.tmp deleted successfully.
C:\Windows\Temp\CR_81E52.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_81E52.tmp folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490246678-3699060608-628407935-1000UA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Updater not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\adobeupdater deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File\Folder C:\Users\Martin\AppData\Roaming\6 5 not found.
File\Folder C:\Users\Martin\AppData\Roaming\svchost.exe not found.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\License Agreement.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Registration.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker Wizard.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\RAR Password Cracker.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\Readme.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\Uninstall.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker\Äë˙ đóńńęčő.lnk deleted successfully.
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker folder deleted successfully.
File\Folder c:\Users\All Users\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Martin
->Temp folder emptied: 74127555 bytes
->Temporary Internet Files folder emptied: 7923159 bytes
->Java cache emptied: 1515125 bytes
->FireFox cache emptied: 625717627 bytes
->Google Chrome cache emptied: 13079516 bytes
->Flash cache emptied: 65374 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30002 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 595456 bytes
Total Files Cleaned = 690,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Martin
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.43.0 log created on 05222012_130807
Files\Folders moved on Reboot...
C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\_avast_\Webshlock.txt not found!
Registry entries deleted on Reboot...
Re: Prosím o kontrolu
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Napiste co PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Tak to vypadá že se to o něco zlepšilo, děkuji mnohokrát za pomoc
Re: Prosím o kontrolu
Nemate zac, rad jsem pomohl 
Zase nekdy 
Zase nekdy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?