Delší dobu pozoruji zpomalení PC, pro jistotu dávám LOG jestli tam nemá nějakou havěť.
LOG:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-05-22 16:36:12
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 41 GB (23%) free of 177 GB
Total RAM: 8119 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:16, on 22.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNABBSWK.EXE
C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\rserver30\FamItrfc.Exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14597&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2528120436-1575494726-1815414232-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2528120436-1575494726-1815414232-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FEE6AB71-94EA-4A4A-9DF6-9BECBF70913E}: NameServer = 212.96.161.6,212.96.160.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: CST DC Main Controller 2010 - CST AG - C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Main Controller\CSTDCMainController.exe
O23 - Service: CST DC Solver Server 2010 - CST AG - C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Solver Server\CSTDCSolverServer.exe
O23 - Service: CST License Manager - Acresso Software Inc. - C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Radmin Server V3 (RServer3) - Famatech Corp. - C:\Windows\SysWOW64\rserver30\RServer3.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12405 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm112.dll,CMICtrlWnd
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNABBSWK.EXE !hide Canon LBP6300
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Main Controller\CSTDCMainController.exe"
"C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Solver Server\CSTDCSolverServer.exe"
"C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe"
\??\C:\Windows\system32\conhost.exe "296500942-13998677701930665613-1220821217156669987514750620941440212266883242
"C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe"
"C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe" -c "C:\Program Files (x86)\CST STUDIO SUITE 2010\license.dat" -l "C:\Program Files (x86)\CST STUDIO SUITE 2010\licerr.log" -z
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
cstd.exe -T localhost 11.6 -1 -c "C:\Program Files (x86)\CST STUDIO SUITE 2010\license.dat" -lmgrd_port 6978 --lmgrd_start 4fbb82ba -l "C:\Program Files (x86)\CST STUDIO SUITE 2010\licerr.log"
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe" -g 10 -s
"C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe" -g 11
"C:\Windows\SysWOW64\rserver30\RServer3.exe" /service
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e3786076-d186-4475-af65-56bf3a58da8c -SystemEventPortName:HostProcess-0cc418eb-7987-4cc8-b001-37db6ec79f82 -IoCancelEventPortName:HostProcess-e05fdcd5-8100-419a-96f5-13d5a9ce0918 -NonStateChangingEventPortName:HostProcess-8b451e7b-c7bd-4a61-b3e7-dda51d65896c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a7b36528-8dc8-4f15-aa17-31d4914218b2
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2928.d193f30.1620654183 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2928 "\\.\pipe\gecko-crash-server-pipe.2928" plugin
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2928.116b9e40.1810336828 "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2928 "\\.\pipe\gecko-crash-server-pipe.2928" plugin
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey FC9D3409-31AB-14E7-653F-8830AC6E541C -Reinvoke
"C:\Users\Admin\Desktop\RSITx64.exe"
"C:\Windows\SysWOW64\rserver30\FamItrfc.Exe"
"C:\Windows\SysWOW64\rserver30\FamItrfc.Exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "cs@dictionaries.addons.mozilla.org:1.0.2, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0, {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7, {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.babylon.com/?AF=109993&ba ... 544c60b&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.10]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\
cs@dictionaries.addons.mozilla.org
{241aae70-0022-11de-87af-0800200c9a66}
{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-08-29 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-30 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-08-29 520192]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"Cm112Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2009-04-22 116128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-12-16 7299536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_Plugin.exe [2012-04-24 353440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-12-15 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files (x86)\QIP 2010\qip.exe [2011-12-16 7299536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [2010-11-21 557056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-03-14 446136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-04-20 222504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-03-07 4241512]
"CSTDCMainController2010"= []
"CSTDCSolverServer2010"= []
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"4StoryPrePatch"=C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [2012-05-08 327680]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-05-22 16:36:12 ----D---- C:\rsit
2012-05-22 16:36:12 ----D---- C:\Program Files\trend micro
2012-05-14 22:12:58 ----D---- C:\Program Files (x86)\Gameforge4D
2012-05-11 14:06:14 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-11 14:06:14 ----A---- C:\Windows\system32\DWrite.dll
2012-05-11 14:06:12 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-11 14:06:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-11 14:06:07 ----A---- C:\Windows\system32\win32k.sys
2012-05-11 14:06:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-11 14:06:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-11 14:04:39 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-03 18:27:23 ----D---- C:\Users\Admin\AppData\Roaming\NVIDIA
2012-04-25 16:41:20 ----D---- C:\ProgramData\Mozilla
2012-04-25 16:41:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
======List of files/folders modified in the last 1 month======
2012-05-22 16:36:16 ----D---- C:\Windows\Prefetch
2012-05-22 16:36:13 ----D---- C:\Windows\Temp
2012-05-22 16:36:12 ----RD---- C:\Program Files
2012-05-22 14:26:33 ----D---- C:\Windows\system32\config
2012-05-22 14:12:44 ----A---- C:\Windows\SYSWOW64\log.txt
2012-05-22 14:12:42 ----D---- C:\Program Files (x86)\CST STUDIO SUITE 2010
2012-05-22 00:22:13 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2012-05-21 19:30:29 ----D---- C:\Windows\System32
2012-05-21 19:30:29 ----D---- C:\Windows\inf
2012-05-21 19:30:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-21 00:02:06 ----D---- C:\Windows\system32\drivers
2012-05-18 18:14:59 ----SHD---- C:\System Volume Information
2012-05-16 20:57:37 ----SHD---- C:\Windows\Installer
2012-05-15 06:35:16 ----D---- C:\Windows
2012-05-14 22:12:58 ----RD---- C:\Program Files (x86)
2012-05-14 16:42:38 ----D---- C:\Users\Admin\AppData\Roaming\CST AG
2012-05-13 10:12:09 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2012-05-11 18:11:06 ----RSD---- C:\Windows\assembly
2012-05-11 18:11:06 ----D---- C:\Windows\Microsoft.NET
2012-05-11 14:22:33 ----D---- C:\Windows\winsxs
2012-05-11 14:18:44 ----D---- C:\Windows\SysWOW64
2012-05-11 14:14:32 ----D---- C:\Windows\debug
2012-05-11 14:14:30 ----A---- C:\Windows\system32\MRT.exe
2012-05-11 14:12:17 ----D---- C:\Windows\system32\catroot
2012-05-11 14:07:10 ----D---- C:\Program Files\Windows Journal
2012-05-11 14:05:46 ----D---- C:\Windows\system32\catroot2
2012-05-11 13:54:48 ----D---- C:\Windows\system32\wdi
2012-05-08 10:06:31 ----D---- C:\Program Files (x86)\uTorrent
2012-05-01 09:48:34 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-04-27 13:02:33 ----A---- C:\Windows\system.ini
2012-04-27 01:36:19 ----D---- C:\Users\Admin\AppData\Roaming\Winamp
2012-04-26 23:17:53 ----D---- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2012-04-26 23:17:33 ----D---- C:\Windows\Minidump
2012-04-26 23:17:33 ----D---- C:\Windows\Logs
2012-04-25 16:41:20 ----HD---- C:\ProgramData
2012-04-25 16:41:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-04-24 17:36:17 ----D---- C:\ProgramData\NVIDIA
2012-04-24 16:23:27 ----D---- C:\Program Files\NVIDIA Corporation
2012-04-24 16:23:07 ----D---- C:\Windows\system32\DriverStore
2012-04-24 15:47:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-08 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 raddrvv3;raddrvv3; \??\C:\Windows\SysWOW64\rserver30\raddrvv3.sys [2009-10-09 68704]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-11-10 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-11-10 43680]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 mirrorv3;mirrorv3; C:\Windows\system32\DRIVERS\rminiv3.sys [2009-10-09 5632]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 USBADVAU;USB Advance Audio Interface; C:\Windows\system32\drivers\cm11264.sys [2009-09-25 1307648]
R3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2010-08-31 254976]
S1 fwdrv;Firewall Driver; C:\Windows\system32\drivers\fwdrv.sys []
S1 khips;Kerio HIPS Driver; C:\Windows\system32\drivers\khips.sys []
S2 DS1410D;DS1410D; C:\Windows\SYSTEM32\drivers\DS1410D.SYS []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-02-10 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-02-10 27176]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys []
S3 gMouUsb16;USB 16-bit Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb16.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS_64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-03-07 44768]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CST DC Main Controller 2010;CST DC Main Controller 2010; C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Main Controller\CSTDCMainController.exe [2011-02-14 2097152]
R2 CST DC Solver Server 2010;CST DC Solver Server 2010; C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Solver Server\CSTDCSolverServer.exe [2010-01-30 2580480]
R2 CST License Manager;CST License Manager; C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe [2009-11-28 1431440]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 1016936]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 RServer3;Radmin Server V3; C:\Windows\SysWOW64\rserver30\RServer3.exe [2009-10-09 1242504]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 253088]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-06 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-09 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivně LOG
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Preventivně LOG
Naposledy upravil(a) čmaja dne 24 kvě 2012 15:49, celkem upraveno 1 x.
Re: Preventivně LOG
Omlouvám se pokud jsem něco porušil, ale nejsem si ničeho vědom. Pomůže mi prosím někdo?
Re: Preventivně LOG
Zdravim 
Co jste tedka s logem delal?
Mohu mit dotaz, proc si bezny uzivatel kupuje nejvyssi licenci Windows Ultimate, ktera je urcena spise pro velke korporace, kdyz stejne nevyuzije nic vic nez nabizi verze Home Premium 
A nebo byla "koupena" nekde na internetu 
Co jste tedka s logem delal?
Naposledy upravil čmaja dne 24 kvě 2012, 16:49, celkově upraveno 1
Mohu mit dotaz, proc si bezny uzivatel kupuje nejvyssi licenci Windows Ultimate, ktera je urcena spise pro velke korporace, kdyz stejne nevyuzije nic vic nez nabizi verze Home Premium A nebo byla "koupena" nekde na internetu "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivně LOG
Měl jsem tam info a to byla zbytečnost, tak jsem tam dal jen ten log. Věřím tomu, že nevyužiji Ultimate, ale já jsem k tomu přišel jak slepý k brýlím (dostal jsem ho už s nainstalovaným Windows). Je v tom nějaký problém?
Re: Preventivně LOG
Ne neni, jen jsem se ze zvedavosti ptal Priste si prosim neodpovidejte, nebo nam zapadnete zcela urcite...na kazdeho se tu dostane rada, ale nase forum funguje na bazi dobrovlnosti = vsichni jsme tu zdarma a ve svem volnem case Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivně LOG
Odstranil jsem jen jeden toolbar, víc jsem jich nenašel.
OTL.Txt
OTL logfile created on: 24.5.2012 22:12:52 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,93 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,98% Memory free
16,15 Gb Paging File | 13,68 Gb Available in Paging File | 84,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 46,94 Gb Free Space | 27,18% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 41,75 Gb Free Space | 8,96% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 94,04 Gb Free Space | 32,10% Space Free | Partition Type: NTFS
Computer Name: STOLNI-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.05.24 22:10:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2012.05.22 20:58:37 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.05.01 09:48:31 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.04.25 16:41:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.12.16 14:05:06 | 007,299,536 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2010\qip.exe
PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.02.14 02:42:04 | 001,756,872 | ---- | M] (CST Computer Simulation Technology) -- C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\cstd.exe
PRC - [2009.11.28 14:53:32 | 001,431,440 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe
PRC - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 15:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.10.09 20:54:34 | 000,161,160 | ---- | M] (Famatech Corp.) -- C:\Windows\SysWOW64\rserver30\FamItrfc.Exe
PRC - [2009.10.09 14:00:44 | 001,242,504 | ---- | M] (Famatech Corp.) -- C:\Windows\SysWOW64\rserver30\rserver3.exe
PRC - [2009.09.30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2005.10.10 10:58:14 | 001,617,920 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe
PRC - [2005.10.10 10:56:46 | 002,887,680 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.22 20:37:49 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.05.01 09:48:32 | 001,952,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012.05.01 09:48:31 | 000,162,776 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.05.01 09:48:31 | 000,021,976 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.04.25 16:41:11 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.16 14:05:28 | 000,955,856 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\Social\Social.dll
MOD - [2011.12.16 14:05:26 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\MRA\pics.dll
MOD - [2011.12.16 14:05:24 | 001,638,864 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\MRA\mra.dll
MOD - [2011.12.16 14:05:20 | 002,520,528 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\InfICQ\inficq.dll
MOD - [2011.12.16 14:05:16 | 000,821,200 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Plugins\qipradio\qipradio.dll
MOD - [2011.12.16 14:05:16 | 000,058,832 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Plugins\Win7Helper\Win7Helper.dll
MOD - [2011.12.16 14:05:14 | 000,139,216 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Plugins\cards\cards.dll
MOD - [2011.12.16 14:05:08 | 004,659,664 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Core\voip.dll
MOD - [2009.10.03 02:48:54 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.CZE
MOD - [2009.10.03 02:46:34 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\updater.CZE
MOD - [2009.09.30 01:28:56 | 000,168,448 | ---- | M] () -- C:\Windows\SysWOW64\rserver30\1029.lng_rad
MOD - [2009.06.27 11:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009.02.27 19:52:42 | 001,675,264 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.CZE
MOD - [2005.08.11 16:21:48 | 000,790,528 | ---- | M] () -- C:\Program Files (x86)\Kerio\Personal Firewall 4\ktlibeay32_0.9.7.2.dll
MOD - [2005.08.11 16:21:48 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Kerio\Personal Firewall 4\ktssleay32_0.9.7.2.dll
MOD - [2005.08.11 16:21:48 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Kerio\Personal Firewall 4\ktzlib.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.02.06 17:48:35 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.04.25 16:41:12 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.02.14 02:41:44 | 002,097,152 | ---- | M] (CST AG) [Auto | Stopped] -- C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Main Controller\CSTDCMainController.exe -- (CST DC Main Controller 2010)
SRV - [2011.02.02 15:08:16 | 000,018,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.30 08:15:01 | 002,580,480 | ---- | M] (CST AG) [Auto | Stopped] -- C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Solver Server\CSTDCSolverServer.exe -- (CST DC Solver Server 2010)
SRV - [2009.11.28 14:53:32 | 001,431,440 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe -- (CST License Manager)
SRV - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.10.09 14:00:44 | 001,242,504 | ---- | M] (Famatech Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rserver30\RServer3.exe -- (RServer3)
SRV - [2009.09.30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005.10.10 10:58:14 | 001,617,920 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.10 00:18:45 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012.02.10 00:18:45 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.10 18:18:03 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.11.10 18:18:03 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.11.08 15:51:49 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.31 13:23:30 | 000,254,976 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6)
DRV:64bit: - [2010.04.27 12:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.10.09 15:00:44 | 000,005,632 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rminiv3.sys -- (mirrorv3)
DRV:64bit: - [2009.09.25 18:04:50 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cm11264.sys -- (USBADVAU)
DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.10.09 14:00:44 | 000,068,704 | ---- | M] (Famatech Corp.) [Kernel | System | Running] -- C:\Windows\SysWOW64\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.09.26 12:05:06 | 000,286,720 | ---- | M] (Kerio Technologies) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\fwdrv.sys -- (fwdrv)
DRV - [2005.09.26 12:05:06 | 000,081,920 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\khips.sys -- (khips)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14597&l=dis
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes,DefaultScope = {87B99FE4-8700-407d-B86B-1EB3DD7CC324}
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 6f6544c60b
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{26F9DBB6-F8BF-4f30-AD1A-2CAB21E25A87}: "URL" = http://www.google.com/cse?cx=partner-pu ... 4067623346
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{87B99FE4-8700-407d-B86B-1EB3DD7CC324}: "URL" = http://search.yahoo.com/search?p={searc ... type=STDVM
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{C91BEE9B-7AAC-40d1-9F6C-4CA995538949}: "URL" = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109993&ba ... 544c60b&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.03.16 22:16:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 16:41:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.20 20:00:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.01 14:10:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2010.12.04 15:36:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2010.12.04 14:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.02 22:16:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions
[2012.04.29 22:16:42 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010.12.04 15:36:17 | 000,000,000 | ---D | M] (Aero Fox XL) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010.12.04 17:03:00 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.12.04 15:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2010.12.04 14:12:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\se7ngqjr.default\extensions
[2010.12.04 15:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xhz4a1ye.default\extensions
[2010.11.14 21:16:47 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xhz4a1ye.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.11.25 00:12:47 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xhz4a1ye.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.03.03 15:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.03 15:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2011.08.29 23:13:12 | 000,146,598 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPMYPPYY.DEFAULT\EXTENSIONS\{003D3EDC-99B9-4A34-9C20-60CB94F7E829}.XPI
[2011.07.03 17:07:50 | 000,039,611 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPMYPPYY.DEFAULT\EXTENSIONS\{DB9127A2-3381-41EC-82B3-1B6ED4C6F29A}.XPI
[2012.04.25 16:41:12 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.30 00:39:48 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.11.30 15:20:46 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.03.03 15:22:44 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.02.14 18:08:43 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.14 18:08:43 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.27 07:19:36 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.02.14 18:08:43 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.14 18:08:43 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.14 18:08:43 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4:64bit: - HKLM..\Run: [Cm112Sound] C:\Windows\Syswow64\cm112.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [CNAP2 Launcher] C:\Windows\SysNative\spool\drivers\x64\3\CNAP2LAK.EXE (CANON INC.)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe (Zemi Interactive Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [CSTDCMainController2010] File not found
O4 - HKLM..\Run: [CSTDCSolverServer2010] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000..\Run: [Nektra OEAPI] File not found
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1008..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Stahnout FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.9.1 10.1.1.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6861550-BE1C-4930-A818-489F55A53B17}: DhcpNameServer = 10.1.9.1 10.1.1.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEE6AB71-94EA-4A4A-9DF6-9BECBF70913E}: NameServer = 212.96.161.6,212.96.160.7
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.28 18:10:57 | 000,000,000 | ---D | M] - E:\AutoCAD -- [ NTFS ]
O33 - MountPoints2\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\Shell - "" = AutoRun
O33 - MountPoints2\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\Shell\AutoRun\command - "" = I:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: aux - File not found
Drivers32:64bit: aux1 - File not found
Drivers32:64bit: aux2 - File not found
Drivers32:64bit: midi - File not found
Drivers32:64bit: midi1 - File not found
Drivers32:64bit: midi2 - File not found
Drivers32:64bit: midi3 - File not found
Drivers32:64bit: midimapper - File not found
Drivers32:64bit: mixer - File not found
Drivers32:64bit: mixer1 - File not found
Drivers32:64bit: mixer2 - File not found
Drivers32:64bit: mixer3 - File not found
Drivers32:64bit: msacm.imaadpcm - File not found
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - File not found
Drivers32:64bit: msacm.msg711 - File not found
Drivers32:64bit: msacm.msgsm610 - File not found
Drivers32:64bit: vidc.i420 - File not found
Drivers32:64bit: vidc.iyuv - File not found
Drivers32:64bit: vidc.mrle - File not found
Drivers32:64bit: vidc.msvc - File not found
Drivers32:64bit: vidc.uyvy - File not found
Drivers32:64bit: vidc.yuy2 - File not found
Drivers32:64bit: vidc.yvu9 - File not found
Drivers32:64bit: vidc.yvyu - File not found
Drivers32:64bit: wave - File not found
Drivers32:64bit: wave1 - File not found
Drivers32:64bit: wave2 - File not found
Drivers32:64bit: wave3 - File not found
Drivers32:64bit: wavemapper - File not found
Drivers32: aux - wdmaud.drv File not found
Drivers32: aux1 - wdmaud.drv File not found
Drivers32: aux2 - wdmaud.drv File not found
Drivers32: midi - wdmaud.drv File not found
Drivers32: midi1 - wdmaud.drv File not found
Drivers32: midi2 - wdmaud.drv File not found
Drivers32: midi3 - wdmaud.drv File not found
Drivers32: midimapper - midimap.dll File not found
Drivers32: mixer - wdmaud.drv File not found
Drivers32: mixer1 - wdmaud.drv File not found
Drivers32: mixer2 - wdmaud.drv File not found
Drivers32: mixer3 - wdmaud.drv File not found
Drivers32: msacm.divxa32 - msaud32_divx.acm File not found
Drivers32: msacm.imaadpcm - imaadp32.acm File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm File not found
Drivers32: msacm.msg711 - msg711.acm File not found
Drivers32: msacm.msgsm610 - msgsm32.acm File not found
Drivers32: vidc.cvid - iccvid.dll File not found
Drivers32: vidc.i420 - iyuv_32.dll File not found
Drivers32: vidc.iyuv - iyuv_32.dll File not found
Drivers32: vidc.mrle - msrle32.dll File not found
Drivers32: vidc.msvc - msvidc32.dll File not found
Drivers32: vidc.uyvy - msyuv.dll File not found
Drivers32: vidc.yuy2 - msyuv.dll File not found
Drivers32: vidc.yvu9 - tsbyuv.dll File not found
Drivers32: vidc.yvyu - msyuv.dll File not found
Drivers32: wave - wdmaud.drv File not found
Drivers32: wave1 - wdmaud.drv File not found
Drivers32: wave2 - wdmaud.drv File not found
Drivers32: wave3 - wdmaud.drv File not found
Drivers32: wavemapper - msacm32.drv File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.24 22:10:28 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2012.05.23 00:33:47 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.05.23 00:33:47 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.05.23 00:33:47 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.05.23 00:33:47 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.05.23 00:33:47 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.05.23 00:33:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.05.23 00:33:46 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.05.23 00:33:46 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.05.23 00:33:46 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.05.23 00:33:46 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.05.23 00:33:46 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.05.23 00:33:46 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.05.23 00:33:45 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.05.23 00:33:45 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.05.23 00:33:44 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.05.23 00:33:44 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.05.23 00:33:43 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.05.23 00:33:43 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.05.23 00:33:43 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.05.23 00:33:43 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.05.23 00:33:42 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.05.23 00:33:42 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.05.23 00:33:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.05.23 00:33:42 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.05.23 00:33:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.05.23 00:33:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.05.23 00:33:41 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.05.23 00:33:41 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.05.23 00:33:39 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.05.23 00:33:39 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.05.23 00:33:38 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.05.23 00:33:38 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.05.23 00:33:38 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.05.23 00:33:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.05.23 00:33:37 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.05.23 00:33:37 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.05.23 00:33:37 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.05.23 00:33:37 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.05.23 00:33:36 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.05.23 00:33:36 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.05.23 00:33:36 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.05.23 00:33:36 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.05.23 00:33:35 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.05.23 00:33:35 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.05.23 00:33:35 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.05.23 00:33:35 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.05.23 00:33:35 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.05.23 00:33:35 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.05.23 00:33:34 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.05.23 00:33:34 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.05.23 00:33:34 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.05.23 00:33:34 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.05.23 00:33:34 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.05.23 00:33:34 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.05.23 00:33:34 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.05.23 00:33:34 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.05.23 00:33:33 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.05.23 00:33:33 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.05.23 00:33:33 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.05.23 00:33:33 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.05.23 00:33:32 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.05.23 00:33:32 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.05.23 00:33:32 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.05.23 00:33:32 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.05.23 00:33:31 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.05.23 00:33:31 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.05.23 00:33:31 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.05.23 00:33:31 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.05.23 00:33:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.05.23 00:33:30 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.05.23 00:33:30 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.05.23 00:33:30 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.05.23 00:33:29 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.05.23 00:33:29 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.05.23 00:33:29 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.05.23 00:33:29 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.05.23 00:33:29 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.05.23 00:33:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.05.23 00:33:28 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.05.23 00:33:28 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.05.23 00:33:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.05.23 00:33:27 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.05.23 00:33:27 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.05.23 00:33:27 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.05.23 00:33:26 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.05.23 00:33:26 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.05.23 00:33:26 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.05.23 00:33:26 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.05.23 00:33:26 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.05.23 00:33:26 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.05.23 00:33:25 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.05.23 00:33:25 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.05.23 00:33:23 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.05.23 00:33:23 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.05.23 00:33:22 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.05.23 00:33:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.05.23 00:33:22 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.05.23 00:33:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.05.23 00:33:21 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.05.23 00:33:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.05.23 00:31:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\PCSX2
[2012.05.23 00:30:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.05.23 00:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2012.05.23 00:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.8
[2012.05.22 16:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.05.22 16:36:12 | 000,000,000 | ---D | C] -- C:\rsit
========== Files - Modified Within 7 Days ==========
[2012.05.24 22:14:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.24 22:10:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2012.05.24 21:20:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.24 18:20:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.24 15:11:20 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.24 15:11:20 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.24 15:00:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.24 14:59:55 | 2090,459,135 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.23 22:50:39 | 030,947,459 | ---- | M] () -- C:\Users\Admin\Desktop\PCSX2_BIOS.rar
[2012.05.23 00:30:36 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[2012.05.22 20:37:50 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.22 20:37:49 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.05.22 16:33:58 | 000,935,175 | ---- | M] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2012.05.22 16:24:16 | 042,950,664 | ---- | M] () -- C:\Users\Admin\Desktop\TEN_STICKS.rar
[2012.05.21 19:30:29 | 001,768,348 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.21 19:30:29 | 000,734,760 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.05.21 19:30:29 | 000,720,154 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.21 19:30:29 | 000,165,482 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.05.21 19:30:29 | 000,146,116 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
========== Files Created - No Company Name ==========
[2012.05.24 22:14:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.23 22:33:55 | 030,947,459 | ---- | C] () -- C:\Users\Admin\Desktop\PCSX2_BIOS.rar
[2012.05.23 00:30:36 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[2012.05.22 16:33:52 | 000,935,175 | ---- | C] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2012.05.22 16:21:58 | 042,950,664 | ---- | C] () -- C:\Users\Admin\Desktop\TEN_STICKS.rar
[2012.04.17 22:39:12 | 000,004,096 | -H-- | C] () -- C:\Users\Admin\AppData\Local\keyfile3.drm
[2012.02.20 02:53:37 | 000,290,904 | ---- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2011.08.29 01:17:13 | 000,012,622 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\SLOVA.WAV
[2011.08.29 01:17:13 | 000,012,222 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\TMP.WAV
[2011.06.05 16:02:16 | 000,000,305 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011.06.05 15:18:25 | 000,000,248 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.06.05 15:14:13 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011.02.25 11:22:09 | 001,746,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.09 19:22:19 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.11.21 12:45:56 | 000,000,343 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010.11.18 20:29:47 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010.11.18 20:29:47 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010.11.18 20:29:47 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010.11.18 20:29:47 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010.11.18 20:29:47 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010.11.18 20:29:47 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010.11.18 20:29:47 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010.11.18 20:29:47 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010.11.18 20:29:47 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010.11.18 20:29:47 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2010.11.18 20:29:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010.11.18 20:29:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010.11.18 20:29:47 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010.11.18 20:29:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010.11.18 20:29:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010.11.18 20:29:47 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2010.11.18 20:29:47 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2010.11.18 20:29:47 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010.11.18 20:29:47 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010.11.18 17:57:53 | 000,251,904 | ---- | C] () -- C:\Windows\SysWow64\orant71.dll
[2010.11.16 19:46:00 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix112.dll
[2010.11.16 19:46:00 | 000,000,189 | ---- | C] () -- C:\Windows\Cm112.ini.cfl
[2010.11.16 19:45:31 | 000,000,575 | ---- | C] () -- C:\Windows\Cm112.ini.imi
[2010.11.16 19:30:14 | 000,005,630 | ---- | C] () -- C:\Windows\cm112.ini
[2010.11.16 19:29:40 | 000,002,049 | ---- | C] () -- C:\Windows\Cm112.ini.cfg
[2010.11.15 00:59:18 | 000,903,168 | ---- | C] () -- C:\Windows\SysWow64\mitmdl30.dll
[2010.11.15 00:59:18 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\lffax60n.dll
[2010.11.15 00:59:18 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\lfcmp60n.dll
[2010.11.15 00:59:18 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\lfpng60n.dll
[2010.11.15 00:59:18 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\lftif60n.dll
[2010.11.15 00:59:18 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\lfpcx60n.dll
[2010.11.15 00:59:18 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfpct60n.dll
[2010.11.15 00:59:18 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfeps60n.dll
[2010.11.15 00:59:18 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\lfbmp60n.dll
[2010.11.15 00:59:18 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\lfpsd60n.dll
[2010.11.15 00:59:18 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\lftga60n.dll
[2010.11.15 00:59:18 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwpg60n.dll
[2010.11.15 00:59:18 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwmf60n.dll
[2010.11.15 00:59:18 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\lfmsp60n.dll
[2010.11.15 00:59:18 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\lfmac60n.dll
[2010.11.14 20:35:28 | 000,000,054 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.11.11 00:01:57 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.11.08 16:31:14 | 000,000,832 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.11.08 01:16:43 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
========== LOP Check ==========
[2010.11.21 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2012.02.07 13:15:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Autodesk
[2012.03.03 15:22:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Babylon
[2011.09.13 21:29:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BITS
[2012.05.14 16:42:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST AG
[2010.11.08 18:28:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST DE
[2012.04.26 23:17:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2010.11.11 00:06:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Pro
[2010.11.08 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DassaultSystemes
[2010.11.26 01:56:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Design Science
[2011.03.04 20:06:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Epson
[2011.06.05 15:13:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGet
[2011.06.05 15:13:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGetBHO
[2011.01.19 01:29:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FreeCDRipper
[2010.11.08 23:43:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2011.09.13 23:03:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2012.04.10 17:56:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Jpeg Resampler
[2011.09.07 11:01:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LangSoft
[2011.10.16 23:15:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\lbed
[2011.02.20 19:31:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mathsoft
[2010.12.21 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mikrotik
[2011.01.15 12:21:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenOffice.org
[2010.12.28 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PingTesterDataBas
[2011.12.23 00:13:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\QIP
[2012.02.18 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Radmin
[2011.10.17 01:00:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Scilab
[2010.11.30 02:20:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Softland
[2010.11.08 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thinstall
[2011.02.23 13:04:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.05.24 22:18:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2012.01.15 21:20:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\YCanPDF
[2012.04.07 05:29:06 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< REATERESTOREPOINT >
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
OTL.Txt
OTL logfile created on: 24.5.2012 22:12:52 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,93 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,98% Memory free
16,15 Gb Paging File | 13,68 Gb Available in Paging File | 84,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 46,94 Gb Free Space | 27,18% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 41,75 Gb Free Space | 8,96% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 94,04 Gb Free Space | 32,10% Space Free | Partition Type: NTFS
Computer Name: STOLNI-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.05.24 22:10:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2012.05.22 20:58:37 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.05.01 09:48:31 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.04.25 16:41:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.12.16 14:05:06 | 007,299,536 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2010\qip.exe
PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.02.14 02:42:04 | 001,756,872 | ---- | M] (CST Computer Simulation Technology) -- C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\cstd.exe
PRC - [2009.11.28 14:53:32 | 001,431,440 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe
PRC - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 15:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.10.09 20:54:34 | 000,161,160 | ---- | M] (Famatech Corp.) -- C:\Windows\SysWOW64\rserver30\FamItrfc.Exe
PRC - [2009.10.09 14:00:44 | 001,242,504 | ---- | M] (Famatech Corp.) -- C:\Windows\SysWOW64\rserver30\rserver3.exe
PRC - [2009.09.30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2005.10.10 10:58:14 | 001,617,920 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe
PRC - [2005.10.10 10:56:46 | 002,887,680 | ---- | M] (Kerio Technologies) -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4gui.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.22 20:37:49 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.05.01 09:48:32 | 001,952,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012.05.01 09:48:31 | 000,162,776 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.05.01 09:48:31 | 000,021,976 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.04.25 16:41:11 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.16 14:05:28 | 000,955,856 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\Social\Social.dll
MOD - [2011.12.16 14:05:26 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\MRA\pics.dll
MOD - [2011.12.16 14:05:24 | 001,638,864 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\MRA\mra.dll
MOD - [2011.12.16 14:05:20 | 002,520,528 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Protos\InfICQ\inficq.dll
MOD - [2011.12.16 14:05:16 | 000,821,200 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Plugins\qipradio\qipradio.dll
MOD - [2011.12.16 14:05:16 | 000,058,832 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Plugins\Win7Helper\Win7Helper.dll
MOD - [2011.12.16 14:05:14 | 000,139,216 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Plugins\cards\cards.dll
MOD - [2011.12.16 14:05:08 | 004,659,664 | ---- | M] () -- C:\Program Files (x86)\QIP 2010\Core\voip.dll
MOD - [2009.10.03 02:48:54 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.CZE
MOD - [2009.10.03 02:46:34 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\updater.CZE
MOD - [2009.09.30 01:28:56 | 000,168,448 | ---- | M] () -- C:\Windows\SysWOW64\rserver30\1029.lng_rad
MOD - [2009.06.27 11:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009.02.27 19:52:42 | 001,675,264 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.CZE
MOD - [2005.08.11 16:21:48 | 000,790,528 | ---- | M] () -- C:\Program Files (x86)\Kerio\Personal Firewall 4\ktlibeay32_0.9.7.2.dll
MOD - [2005.08.11 16:21:48 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Kerio\Personal Firewall 4\ktssleay32_0.9.7.2.dll
MOD - [2005.08.11 16:21:48 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Kerio\Personal Firewall 4\ktzlib.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.02.06 17:48:35 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.04.25 16:41:12 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.02.14 02:41:44 | 002,097,152 | ---- | M] (CST AG) [Auto | Stopped] -- C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Main Controller\CSTDCMainController.exe -- (CST DC Main Controller 2010)
SRV - [2011.02.02 15:08:16 | 000,018,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.30 08:15:01 | 002,580,480 | ---- | M] (CST AG) [Auto | Stopped] -- C:\Program Files (x86)\CST STUDIO SUITE 2010\DC Solver Server\CSTDCSolverServer.exe -- (CST DC Solver Server 2010)
SRV - [2009.11.28 14:53:32 | 001,431,440 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Program Files (x86)\CST STUDIO SUITE 2010\License Manager\lmgrd.exe -- (CST License Manager)
SRV - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.10.09 14:00:44 | 001,242,504 | ---- | M] (Famatech Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rserver30\RServer3.exe -- (RServer3)
SRV - [2009.09.30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005.10.10 10:58:14 | 001,617,920 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.10 00:18:45 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012.02.10 00:18:45 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.10 18:18:03 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.11.10 18:18:03 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.11.08 15:51:49 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.31 13:23:30 | 000,254,976 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6)
DRV:64bit: - [2010.04.27 12:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.10.09 15:00:44 | 000,005,632 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rminiv3.sys -- (mirrorv3)
DRV:64bit: - [2009.09.25 18:04:50 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cm11264.sys -- (USBADVAU)
DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.10.09 14:00:44 | 000,068,704 | ---- | M] (Famatech Corp.) [Kernel | System | Running] -- C:\Windows\SysWOW64\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.09.26 12:05:06 | 000,286,720 | ---- | M] (Kerio Technologies) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\fwdrv.sys -- (fwdrv)
DRV - [2005.09.26 12:05:06 | 000,081,920 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\khips.sys -- (khips)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14597&l=dis
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes,DefaultScope = {87B99FE4-8700-407d-B86B-1EB3DD7CC324}
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 6f6544c60b
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{26F9DBB6-F8BF-4f30-AD1A-2CAB21E25A87}: "URL" = http://www.google.com/cse?cx=partner-pu ... 4067623346
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{87B99FE4-8700-407d-B86B-1EB3DD7CC324}: "URL" = http://search.yahoo.com/search?p={searc ... type=STDVM
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{C91BEE9B-7AAC-40d1-9F6C-4CA995538949}: "URL" = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109993&ba ... 544c60b&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.03.16 22:16:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 16:41:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.20 20:00:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.01 14:10:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2010.12.04 15:36:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2010.12.04 14:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.02 22:16:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions
[2012.04.29 22:16:42 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010.12.04 15:36:17 | 000,000,000 | ---D | M] (Aero Fox XL) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010.12.04 17:03:00 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.12.04 15:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bpmyppyy.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2010.12.04 14:12:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\se7ngqjr.default\extensions
[2010.12.04 15:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xhz4a1ye.default\extensions
[2010.11.14 21:16:47 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xhz4a1ye.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.11.25 00:12:47 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xhz4a1ye.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.03.03 15:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.03 15:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2011.08.29 23:13:12 | 000,146,598 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPMYPPYY.DEFAULT\EXTENSIONS\{003D3EDC-99B9-4A34-9C20-60CB94F7E829}.XPI
[2011.07.03 17:07:50 | 000,039,611 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPMYPPYY.DEFAULT\EXTENSIONS\{DB9127A2-3381-41EC-82B3-1B6ED4C6F29A}.XPI
[2012.04.25 16:41:12 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.30 00:39:48 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.11.30 15:20:46 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.03.03 15:22:44 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.02.14 18:08:43 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.14 18:08:43 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.27 07:19:36 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.02.14 18:08:43 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.14 18:08:43 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.14 18:08:43 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4:64bit: - HKLM..\Run: [Cm112Sound] C:\Windows\Syswow64\cm112.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [CNAP2 Launcher] C:\Windows\SysNative\spool\drivers\x64\3\CNAP2LAK.EXE (CANON INC.)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe (Zemi Interactive Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [CSTDCMainController2010] File not found
O4 - HKLM..\Run: [CSTDCSolverServer2010] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000..\Run: [Nektra OEAPI] File not found
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1008..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Stahnout FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Admin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.9.1 10.1.1.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6861550-BE1C-4930-A818-489F55A53B17}: DhcpNameServer = 10.1.9.1 10.1.1.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEE6AB71-94EA-4A4A-9DF6-9BECBF70913E}: NameServer = 212.96.161.6,212.96.160.7
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.28 18:10:57 | 000,000,000 | ---D | M] - E:\AutoCAD -- [ NTFS ]
O33 - MountPoints2\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\Shell - "" = AutoRun
O33 - MountPoints2\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\Shell\AutoRun\command - "" = I:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: aux - File not found
Drivers32:64bit: aux1 - File not found
Drivers32:64bit: aux2 - File not found
Drivers32:64bit: midi - File not found
Drivers32:64bit: midi1 - File not found
Drivers32:64bit: midi2 - File not found
Drivers32:64bit: midi3 - File not found
Drivers32:64bit: midimapper - File not found
Drivers32:64bit: mixer - File not found
Drivers32:64bit: mixer1 - File not found
Drivers32:64bit: mixer2 - File not found
Drivers32:64bit: mixer3 - File not found
Drivers32:64bit: msacm.imaadpcm - File not found
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - File not found
Drivers32:64bit: msacm.msg711 - File not found
Drivers32:64bit: msacm.msgsm610 - File not found
Drivers32:64bit: vidc.i420 - File not found
Drivers32:64bit: vidc.iyuv - File not found
Drivers32:64bit: vidc.mrle - File not found
Drivers32:64bit: vidc.msvc - File not found
Drivers32:64bit: vidc.uyvy - File not found
Drivers32:64bit: vidc.yuy2 - File not found
Drivers32:64bit: vidc.yvu9 - File not found
Drivers32:64bit: vidc.yvyu - File not found
Drivers32:64bit: wave - File not found
Drivers32:64bit: wave1 - File not found
Drivers32:64bit: wave2 - File not found
Drivers32:64bit: wave3 - File not found
Drivers32:64bit: wavemapper - File not found
Drivers32: aux - wdmaud.drv File not found
Drivers32: aux1 - wdmaud.drv File not found
Drivers32: aux2 - wdmaud.drv File not found
Drivers32: midi - wdmaud.drv File not found
Drivers32: midi1 - wdmaud.drv File not found
Drivers32: midi2 - wdmaud.drv File not found
Drivers32: midi3 - wdmaud.drv File not found
Drivers32: midimapper - midimap.dll File not found
Drivers32: mixer - wdmaud.drv File not found
Drivers32: mixer1 - wdmaud.drv File not found
Drivers32: mixer2 - wdmaud.drv File not found
Drivers32: mixer3 - wdmaud.drv File not found
Drivers32: msacm.divxa32 - msaud32_divx.acm File not found
Drivers32: msacm.imaadpcm - imaadp32.acm File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm File not found
Drivers32: msacm.msg711 - msg711.acm File not found
Drivers32: msacm.msgsm610 - msgsm32.acm File not found
Drivers32: vidc.cvid - iccvid.dll File not found
Drivers32: vidc.i420 - iyuv_32.dll File not found
Drivers32: vidc.iyuv - iyuv_32.dll File not found
Drivers32: vidc.mrle - msrle32.dll File not found
Drivers32: vidc.msvc - msvidc32.dll File not found
Drivers32: vidc.uyvy - msyuv.dll File not found
Drivers32: vidc.yuy2 - msyuv.dll File not found
Drivers32: vidc.yvu9 - tsbyuv.dll File not found
Drivers32: vidc.yvyu - msyuv.dll File not found
Drivers32: wave - wdmaud.drv File not found
Drivers32: wave1 - wdmaud.drv File not found
Drivers32: wave2 - wdmaud.drv File not found
Drivers32: wave3 - wdmaud.drv File not found
Drivers32: wavemapper - msacm32.drv File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.24 22:10:28 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2012.05.23 00:33:47 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.05.23 00:33:47 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.05.23 00:33:47 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.05.23 00:33:47 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.05.23 00:33:47 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.05.23 00:33:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.05.23 00:33:46 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.05.23 00:33:46 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.05.23 00:33:46 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.05.23 00:33:46 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.05.23 00:33:46 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.05.23 00:33:46 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.05.23 00:33:45 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.05.23 00:33:45 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.05.23 00:33:44 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.05.23 00:33:44 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.05.23 00:33:43 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.05.23 00:33:43 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.05.23 00:33:43 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.05.23 00:33:43 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.05.23 00:33:42 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.05.23 00:33:42 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.05.23 00:33:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.05.23 00:33:42 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.05.23 00:33:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.05.23 00:33:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.05.23 00:33:41 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.05.23 00:33:41 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.05.23 00:33:39 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.05.23 00:33:39 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.05.23 00:33:38 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.05.23 00:33:38 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.05.23 00:33:38 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.05.23 00:33:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.05.23 00:33:37 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.05.23 00:33:37 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.05.23 00:33:37 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.05.23 00:33:37 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.05.23 00:33:36 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.05.23 00:33:36 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.05.23 00:33:36 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.05.23 00:33:36 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.05.23 00:33:35 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.05.23 00:33:35 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.05.23 00:33:35 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.05.23 00:33:35 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.05.23 00:33:35 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.05.23 00:33:35 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.05.23 00:33:34 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.05.23 00:33:34 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.05.23 00:33:34 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.05.23 00:33:34 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.05.23 00:33:34 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.05.23 00:33:34 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.05.23 00:33:34 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.05.23 00:33:34 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.05.23 00:33:33 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.05.23 00:33:33 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.05.23 00:33:33 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.05.23 00:33:33 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.05.23 00:33:32 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.05.23 00:33:32 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.05.23 00:33:32 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.05.23 00:33:32 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.05.23 00:33:31 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.05.23 00:33:31 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.05.23 00:33:31 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.05.23 00:33:31 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.05.23 00:33:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.05.23 00:33:30 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.05.23 00:33:30 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.05.23 00:33:30 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.05.23 00:33:29 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.05.23 00:33:29 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.05.23 00:33:29 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.05.23 00:33:29 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.05.23 00:33:29 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.05.23 00:33:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.05.23 00:33:28 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.05.23 00:33:28 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.05.23 00:33:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.05.23 00:33:27 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.05.23 00:33:27 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.05.23 00:33:27 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.05.23 00:33:26 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.05.23 00:33:26 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.05.23 00:33:26 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.05.23 00:33:26 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.05.23 00:33:26 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.05.23 00:33:26 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.05.23 00:33:25 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.05.23 00:33:25 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.05.23 00:33:23 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.05.23 00:33:23 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.05.23 00:33:22 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.05.23 00:33:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.05.23 00:33:22 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.05.23 00:33:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.05.23 00:33:21 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.05.23 00:33:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.05.23 00:31:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\PCSX2
[2012.05.23 00:30:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.05.23 00:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2012.05.23 00:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.8
[2012.05.22 16:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.05.22 16:36:12 | 000,000,000 | ---D | C] -- C:\rsit
========== Files - Modified Within 7 Days ==========
[2012.05.24 22:14:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.24 22:10:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2012.05.24 21:20:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.24 18:20:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.24 15:11:20 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.24 15:11:20 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.24 15:00:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.24 14:59:55 | 2090,459,135 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.23 22:50:39 | 030,947,459 | ---- | M] () -- C:\Users\Admin\Desktop\PCSX2_BIOS.rar
[2012.05.23 00:30:36 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[2012.05.22 20:37:50 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.22 20:37:49 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.05.22 16:33:58 | 000,935,175 | ---- | M] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2012.05.22 16:24:16 | 042,950,664 | ---- | M] () -- C:\Users\Admin\Desktop\TEN_STICKS.rar
[2012.05.21 19:30:29 | 001,768,348 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.21 19:30:29 | 000,734,760 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.05.21 19:30:29 | 000,720,154 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.21 19:30:29 | 000,165,482 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.05.21 19:30:29 | 000,146,116 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
========== Files Created - No Company Name ==========
[2012.05.24 22:14:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.23 22:33:55 | 030,947,459 | ---- | C] () -- C:\Users\Admin\Desktop\PCSX2_BIOS.rar
[2012.05.23 00:30:36 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[2012.05.22 16:33:52 | 000,935,175 | ---- | C] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2012.05.22 16:21:58 | 042,950,664 | ---- | C] () -- C:\Users\Admin\Desktop\TEN_STICKS.rar
[2012.04.17 22:39:12 | 000,004,096 | -H-- | C] () -- C:\Users\Admin\AppData\Local\keyfile3.drm
[2012.02.20 02:53:37 | 000,290,904 | ---- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2011.08.29 01:17:13 | 000,012,622 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\SLOVA.WAV
[2011.08.29 01:17:13 | 000,012,222 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\TMP.WAV
[2011.06.05 16:02:16 | 000,000,305 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011.06.05 15:18:25 | 000,000,248 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.06.05 15:14:13 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011.02.25 11:22:09 | 001,746,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.09 19:22:19 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.11.21 12:45:56 | 000,000,343 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010.11.18 20:29:47 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010.11.18 20:29:47 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010.11.18 20:29:47 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010.11.18 20:29:47 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010.11.18 20:29:47 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010.11.18 20:29:47 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010.11.18 20:29:47 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010.11.18 20:29:47 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010.11.18 20:29:47 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010.11.18 20:29:47 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2010.11.18 20:29:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010.11.18 20:29:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010.11.18 20:29:47 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010.11.18 20:29:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010.11.18 20:29:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010.11.18 20:29:47 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2010.11.18 20:29:47 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2010.11.18 20:29:47 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010.11.18 20:29:47 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010.11.18 17:57:53 | 000,251,904 | ---- | C] () -- C:\Windows\SysWow64\orant71.dll
[2010.11.16 19:46:00 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix112.dll
[2010.11.16 19:46:00 | 000,000,189 | ---- | C] () -- C:\Windows\Cm112.ini.cfl
[2010.11.16 19:45:31 | 000,000,575 | ---- | C] () -- C:\Windows\Cm112.ini.imi
[2010.11.16 19:30:14 | 000,005,630 | ---- | C] () -- C:\Windows\cm112.ini
[2010.11.16 19:29:40 | 000,002,049 | ---- | C] () -- C:\Windows\Cm112.ini.cfg
[2010.11.15 00:59:18 | 000,903,168 | ---- | C] () -- C:\Windows\SysWow64\mitmdl30.dll
[2010.11.15 00:59:18 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\lffax60n.dll
[2010.11.15 00:59:18 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\lfcmp60n.dll
[2010.11.15 00:59:18 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\lfpng60n.dll
[2010.11.15 00:59:18 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\lftif60n.dll
[2010.11.15 00:59:18 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\lfpcx60n.dll
[2010.11.15 00:59:18 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfpct60n.dll
[2010.11.15 00:59:18 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfeps60n.dll
[2010.11.15 00:59:18 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\lfbmp60n.dll
[2010.11.15 00:59:18 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\lfpsd60n.dll
[2010.11.15 00:59:18 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\lftga60n.dll
[2010.11.15 00:59:18 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwpg60n.dll
[2010.11.15 00:59:18 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwmf60n.dll
[2010.11.15 00:59:18 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\lfmsp60n.dll
[2010.11.15 00:59:18 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\lfmac60n.dll
[2010.11.14 20:35:28 | 000,000,054 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.11.11 00:01:57 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.11.08 16:31:14 | 000,000,832 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.11.08 01:16:43 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
========== LOP Check ==========
[2010.11.21 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2012.02.07 13:15:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Autodesk
[2012.03.03 15:22:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Babylon
[2011.09.13 21:29:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BITS
[2012.05.14 16:42:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST AG
[2010.11.08 18:28:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST DE
[2012.04.26 23:17:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2010.11.11 00:06:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Pro
[2010.11.08 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DassaultSystemes
[2010.11.26 01:56:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Design Science
[2011.03.04 20:06:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Epson
[2011.06.05 15:13:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGet
[2011.06.05 15:13:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGetBHO
[2011.01.19 01:29:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FreeCDRipper
[2010.11.08 23:43:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2011.09.13 23:03:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2012.04.10 17:56:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Jpeg Resampler
[2011.09.07 11:01:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LangSoft
[2011.10.16 23:15:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\lbed
[2011.02.20 19:31:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mathsoft
[2010.12.21 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mikrotik
[2011.01.15 12:21:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenOffice.org
[2010.12.28 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PingTesterDataBas
[2011.12.23 00:13:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\QIP
[2012.02.18 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Radmin
[2011.10.17 01:00:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Scilab
[2010.11.30 02:20:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Softland
[2010.11.08 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thinstall
[2011.02.23 13:04:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.05.24 22:18:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2012.01.15 21:20:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\YCanPDF
[2012.04.07 05:29:06 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< REATERESTOREPOINT >
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
Re: Preventivně LOG
....pokračování....
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ebe8693eef1198d8a3ad53a7bc120e22\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ebe8693eef1198d8a3ad53a7bc120e22\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.11.09 20:05:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Adobe
[2010.11.21 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2012.02.07 13:15:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Autodesk
[2012.03.03 15:22:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Babylon
[2011.09.13 21:29:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BITS
[2012.05.14 16:42:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST AG
[2010.11.08 18:28:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST DE
[2010.11.21 12:56:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CyberLink
[2012.04.26 23:17:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2010.11.11 00:06:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Pro
[2010.11.08 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DassaultSystemes
[2010.11.26 01:56:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Design Science
[2011.03.04 20:06:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Epson
[2011.06.05 15:13:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGet
[2011.06.05 15:13:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGetBHO
[2011.01.19 01:29:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FreeCDRipper
[2010.11.08 23:43:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2011.09.13 23:03:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2010.11.08 15:53:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GRETECH
[2010.11.08 01:01:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Identities
[2010.11.08 01:33:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\InstallShield
[2012.04.10 17:56:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Jpeg Resampler
[2011.09.07 11:01:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LangSoft
[2011.10.16 23:15:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\lbed
[2010.11.08 02:15:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2011.02.20 19:31:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mathsoft
[2010.11.14 10:54:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MathWorks
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2012.01.07 02:01:34 | 000,000,000 | --SD | M] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2010.12.21 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mikrotik
[2012.03.15 01:28:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MiKTeX
[2010.12.04 15:36:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2012.05.03 18:27:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\NVIDIA
[2011.01.15 12:21:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenOffice.org
[2010.12.28 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PingTesterDataBas
[2011.12.23 00:13:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\QIP
[2012.02.18 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Radmin
[2011.10.17 01:00:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Scilab
[2012.05.24 22:29:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Skype
[2010.11.30 02:20:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Softland
[2010.11.08 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thinstall
[2011.02.23 13:04:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.05.24 22:40:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2011.07.11 21:43:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\vlc
[2012.05.24 16:59:36 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Winamp
[2010.11.08 02:18:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\WinRAR
[2012.01.15 21:20:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\YCanPDF
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.02.20 19:30:23 | 000,010,134 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}\ARPPRODUCTICON.exe
[2010.11.08 02:10:53 | 000,018,718 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\ARPPRODUCTICON.exe
[2010.11.08 02:10:53 | 000,018,718 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
[2010.11.08 02:10:53 | 000,018,718 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\NewShortcut3_8315396A5EA1419DBEC4978284BDF556.exe
[2012.02.06 17:57:48 | 000,010,134 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.02.20 19:30:47 | 000,010,134 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}\ARPPRODUCTICON.exe
[2010.12.21 20:37:58 | 000,040,960 | ---- | M] (ss) -- C:\Users\Admin\AppData\Roaming\PingTesterDataBas\PingIPscan2008112.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.05.24 18:20:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.05.24 22:20:12 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.22 20:37:50 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.05.22 20:37:49 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.05.24 15:02:32 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Nektra OEAPI" =
"OEXPRESS" =
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.05.22 20:58:37 | 000,880,496 | ---- | M] (BitTorrent, Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.04.25 16:41:12 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.24 22:14:42 | 000,000,512 | ---- | M] () MD5=6C9C447CB87888BBE17167F88CC485AE -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2005.09.02 19:17:26 | 000,018,565 | R--- | M] () -- \Program Files (x86)\Ansoft\Designer2\Ansoft.Designer.V2.2.Crack-EFA.exe
[2001.02.09 13:03:12 | 000,000,483 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\crackb.m
[2003.10.21 08:26:04 | 000,002,931 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\crackg.m
[2005.03.07 13:35:58 | 000,000,091 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\ja\crackb.m
[2005.03.07 13:36:00 | 000,000,582 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\ja\crackg.m
[2001.08.15 01:31:08 | 000,030,054 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Components\InventorView2012\Application Data\Autodesk\Inventor View 2012\Textures\surfaces\Cracks.bmp
[2001.08.15 01:31:08 | 000,030,054 | ---- | M] () -- \Users\Public\Documents\Autodesk\Inventor View 2012\Textures\surfaces\Cracks.bmp
< *keygen* /s >
[2011.08.29 21:31:53 | 000,020,009 | ---- | M] () -- \Users\Admin\AppData\Roaming\uTorrent\PC Translator 2007 full ISO(CZ)+Keygen.torrent
< *loader* /s >
[2011.08.30 11:56:58 | 000,000,020 | ---- | M] () -- \Program Files (x86)\Atmel\AVR Tools\AVR Toolchain\doc\avr-libc\man\man3\BOOTLOADER_SECTION.3
[2011.08.25 21:42:46 | 000,067,584 | ---- | M] () -- \Program Files (x86)\Atmel\AVR Tools\AvrStudio4\dll\AvrBootloader.dll
[2011.08.25 21:42:48 | 000,006,656 | ---- | M] () -- \Program Files (x86)\Atmel\AVR Tools\AvrStudio4\dll\AvrBootloaderps.dll
[2010.03.19 00:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.18 01:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2009.11.08 22:01:54 | 000,249,672 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009.11.08 22:01:54 | 000,018,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.11.28 14:44:06 | 000,001,729 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATFMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,000,620 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATMMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,000,072 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOMCATSDMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,001,305 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOMLoadError.CATNls
[2009.11.28 14:44:14 | 000,003,663 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,004,931 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOsmSaveLoadError.CATNls
[2009.11.28 14:44:20 | 000,000,644 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATSmBOMSaveLoadError.CATNls
[2009.11.28 14:44:22 | 000,000,100 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATStandardSaveLoadError.CATNls
[2009.11.28 14:44:22 | 000,000,856 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\OMCATSaveLoadError.CATNls
[2009.11.28 14:45:52 | 000,001,729 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATFMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,000,620 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATMMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,000,072 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOMCATSDMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,001,305 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOMLoadError.CATNls
[2009.11.28 14:46:00 | 000,003,663 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,004,931 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOsmSaveLoadError.CATNls
[2009.11.28 14:46:06 | 000,000,644 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATSmBOMSaveLoadError.CATNls
[2009.11.28 14:46:06 | 000,000,100 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATStandardSaveLoadError.CATNls
[2009.11.28 14:46:08 | 000,000,856 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\OMCATSaveLoadError.CATNls
[2012.05.08 10:59:16 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\TLoader.exe
[2008.02.08 01:09:42 | 000,014,087 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\help\toolbox\javabuilder\MWArrayAPI\com\mathworks\toolbox\javabuilder\MWCtfClassLoaderSource.html
[2003.07.10 00:11:38 | 000,011,436 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\AutoLoader.pm
[2005.09.12 14:21:36 | 000,000,727 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\ByteLoader.pm
[2007.01.23 16:58:08 | 000,028,960 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\DynaLoader.pm
[2003.08.14 00:44:12 | 000,012,953 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\SelfLoader.pm
[2007.01.23 16:58:08 | 000,010,818 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\XSLoader.pm
[2007.01.23 16:58:30 | 000,000,000 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.bs
[2007.01.23 16:58:28 | 000,028,782 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.dll
[2007.01.23 16:58:28 | 000,000,817 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.exp
[2007.01.23 16:58:28 | 000,002,212 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.lib
[2003.07.10 00:11:48 | 000,001,324 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\Locale\Maketext\GutsLoader.pm
[2008.01.17 21:28:28 | 000,002,828 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\webrenderer\windows\corecomponents\components\uriloader.xpt
[2008.01.11 16:15:06 | 000,005,493 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\instrument\instrument\private\privateIviComLoader.m
[2004.07.12 14:09:10 | 000,000,215 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\local\classloader.txt
[2007.11.17 17:57:22 | 000,000,382 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\multilink\multilink\util\mu_loaderrortable.m
[2007.11.12 20:15:38 | 000,003,883 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\rtw\targets\mpc555dk\mpc555dk\mpc555_launch_downloader.m
[2008.01.18 01:01:36 | 000,000,925 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\rtw\targets\mpc555dk\mpc555dk\mpc555_launch_downloader.p
[2007.12.06 14:47:18 | 000,002,747 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\rtw\targets\xpc\xpc\bin\bootloader.bin
[2008.01.24 01:34:36 | 000,010,240 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\simbio\simbio\private\sysbioloader.mexw32
[2008.01.24 01:32:20 | 000,011,264 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\simbio\simbio\private\sysbioloader.mexw64
[2009.07.22 10:17:52 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2010.03.19 00:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010.03.18 02:57:18 | 000,001,373 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010.03.18 01:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009.08.31 05:51:22 | 000,001,648 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009.08.31 05:51:22 | 000,004,525 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2010.11.11 16:56:40 | 000,379,396 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\luatexbase-loader.pdf
[2010.11.11 16:56:40 | 000,000,555 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-latex.tex
[2010.11.11 16:56:40 | 000,000,548 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-plain.tex
[2010.11.11 16:56:40 | 000,000,411 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.lua
[2010.11.11 16:56:40 | 000,000,419 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.sub.lua
[2010.05.01 23:11:23 | 000,003,471 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\generic\oberdiek\luatex-loader.sty
[2010.08.05 23:18:41 | 000,001,585 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\generic\pgfplots\oldpgfcompatib\pgfplotsoldpgfsupp_loader.code.tex
[2010.11.11 16:56:40 | 000,002,580 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase-loader.sty
[2010.11.11 16:56:40 | 000,002,075 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase.loader.lua
[2010.06.07 22:11:08 | 000,006,262 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2010.11.08 16:08:36 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 22:19:10 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.11.08 16:08:41 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 17:21:40 | 000,003,874 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2011.02.10 18:08:10 | 000,000,123 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\contrib\loader.sce
[2011.04.15 00:33:42 | 000,000,601 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\contrib\xcos_toolbox_skeleton\sci_gateway\loader_gateway.sce
[2011.07.20 11:05:56 | 000,031,152 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\dynamic_link\macros\ilib_gen_loader.bin
[2011.02.10 18:08:12 | 000,007,834 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\dynamic_link\macros\ilib_gen_loader.sci
[2011.07.20 11:06:10 | 000,009,888 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_gateway_loader.bin
[2011.02.10 18:08:34 | 000,003,166 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_gateway_loader.sci
[2011.07.20 11:06:10 | 000,007,904 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_help_loader.bin
[2011.02.10 18:08:34 | 000,002,501 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_help_loader.sci
[2011.07.20 11:06:10 | 000,008,364 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_loader.bin
[2011.02.10 18:08:34 | 000,002,663 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_loader.sci
[2012.02.02 17:09:00 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2008.05.27 11:43:24 | 000,001,666 | ---- | M] () -- \Program Files (x86)\Zaklínač\System\Scripts\CSkinLoader.luc
[2010.01.21 07:48:10 | 000,030,056 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2011\AecLoader.arx
[2011.02.04 11:43:34 | 000,177,376 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AcAutoLoader.arx
[2011.02.04 11:44:29 | 000,008,416 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AcAutoLoaderRes.dll
[2011.02.04 11:42:38 | 000,408,288 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AdDownloaderCore.dll
[2011.01.18 00:43:08 | 000,027,016 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AecLoader.arx
[2011.02.25 23:58:18 | 000,856,064 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\Acade\AceLoader.dll
[2010.11.24 13:35:32 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AdExchange\loader.gif
[2012.02.06 17:53:20 | 000,000,390 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\Help\contexthelp\APPAUTOLOADER.htm
[2011.02.15 02:34:44 | 004,864,352 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader.exe
[2010.12.02 17:06:28 | 000,009,533 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader.exe.config
[2011.01.24 17:17:32 | 000,333,030 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Help_Autoloader.chm
[2010.04.19 15:40:24 | 000,005,644 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2010.04.19 15:40:24 | 000,011,500 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2010.04.19 15:40:24 | 000,019,316 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl
[2009.06.12 20:03:00 | 000,000,000 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Loc\Autoloader.resources.dll
[2011.02.04 11:43:34 | 000,177,376 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AcAutoLoader.arx
[2011.02.04 11:42:38 | 000,408,288 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AdDownloaderCore.dll
[2011.01.18 00:43:08 | 000,027,016 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AecLoader.arx
[2011.02.25 23:58:18 | 000,856,064 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\Acade\AceLoader.dll
[2010.11.24 13:35:32 | 000,003,208 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AdExchange\loader.gif
[2011.02.04 13:15:30 | 000,024,800 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Components\DWGVIEWER2012\Program Files\DWG TrueView 2012\AecLoader.arx
[2011.02.04 11:44:29 | 000,008,416 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\en-US\Acade\Acad\Program Files\Root\AcAutoLoaderRes.dll
[2011.01.24 17:17:32 | 000,333,030 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\en-US\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Help_Autoloader.chm
[2009.06.12 20:03:00 | 000,000,000 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\en-US\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Loc\Autoloader.resources.dll
[2011.02.15 02:34:44 | 004,864,352 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader.exe
[2010.12.02 17:06:28 | 000,009,533 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader.exe.config
[2010.04.19 15:40:24 | 000,005,644 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2010.04.19 15:40:24 | 000,011,500 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2010.04.19 15:40:24 | 000,019,316 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl
[2010.04.19 15:48:24 | 000,003,702 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Samples\Autoloader\Inventor 2012\Padlock\Autoloader.ipj
[2011.02.04 13:15:30 | 000,024,800 | ---- | M] () -- \Program Files\Autodesk\DWG TrueView 2012\AecLoader.arx
[2009.11.08 22:01:54 | 000,370,504 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2009.11.08 22:01:54 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2007.03.28 18:17:28 | 000,002,828 | ---- | M] () -- \Program Files\Longman\Longman Business English Dictionary\components\uriloader.xpt
[2011.09.25 14:01:02 | 002,777,955 | ---- | M] () -- \Program Files\Maple 15\java\wksloader.jar
[2009.07.22 10:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2009.07.22 10:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2010.03.15 12:27:18 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.02.06 18:05:11 | 000,001,782 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Data Management\Tools\Autodesk Autoloader 2012 for Vault.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.02.20 12:53:06 | 000,015,456 | ---- | M] () -- \Users\Admin\AppData\Roaming\uTorrent\Hromy.a.Blesky.2000.DVDRip.Xvid.CZ.by.D4rR.of.PowerUploaders.avi.torrent
[2011.01.30 23:15:32 | 000,014,375 | ---- | M] () -- \Users\Admin\AppData\Roaming\uTorrent\Legenda.o.sovich.strazcich.2010.DVDRip.XviD.CZ-iMAGiN.by.D4rR.of.PowerUploaders.avi.torrent
[2012.02.06 18:05:11 | 000,001,729 | ---- | M] () -- \Users\Admin\Documents\inventor\Autoloader.ipj.lnk
[2012.02.06 18:05:11 | 000,001,782 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Data Management\Tools\Autodesk Autoloader 2012 for Vault.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010.04.19 15:48:24 | 000,003,702 | ---- | M] () -- \Users\Public\Documents\Autodesk\Vault 2012\Samples\Autoloader\Inventor 2012\Padlock\Autoloader.ipj
[2012.02.05 23:35:33 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enUS-tools-downloader.exe
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.09 23:26:54 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.09 23:26:54 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.10.09 23:26:55 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.10.09 23:26:55 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.10.09 23:26:55 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ebe8693eef1198d8a3ad53a7bc120e22\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ebe8693eef1198d8a3ad53a7bc120e22\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.11.09 20:05:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Adobe
[2010.11.21 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2012.02.07 13:15:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Autodesk
[2012.03.03 15:22:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Babylon
[2011.09.13 21:29:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BITS
[2012.05.14 16:42:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST AG
[2010.11.08 18:28:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CST DE
[2010.11.21 12:56:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\CyberLink
[2012.04.26 23:17:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2010.11.11 00:06:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Pro
[2010.11.08 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DassaultSystemes
[2010.11.26 01:56:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Design Science
[2011.03.04 20:06:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Epson
[2011.06.05 15:13:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGet
[2011.06.05 15:13:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FlashGetBHO
[2011.01.19 01:29:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FreeCDRipper
[2010.11.08 23:43:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2011.09.13 23:03:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2010.11.08 15:53:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GRETECH
[2010.11.08 01:01:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Identities
[2010.11.08 01:33:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\InstallShield
[2012.04.10 17:56:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Jpeg Resampler
[2011.09.07 11:01:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LangSoft
[2011.10.16 23:15:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\lbed
[2010.11.08 02:15:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2011.02.20 19:31:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mathsoft
[2010.11.14 10:54:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MathWorks
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2012.01.07 02:01:34 | 000,000,000 | --SD | M] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2010.12.21 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mikrotik
[2012.03.15 01:28:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MiKTeX
[2010.12.04 15:36:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2012.05.03 18:27:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\NVIDIA
[2011.01.15 12:21:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenOffice.org
[2010.12.28 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PingTesterDataBas
[2011.12.23 00:13:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\QIP
[2012.02.18 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Radmin
[2011.10.17 01:00:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Scilab
[2012.05.24 22:29:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Skype
[2010.11.30 02:20:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Softland
[2010.11.08 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thinstall
[2011.02.23 13:04:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.05.24 22:40:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2011.07.11 21:43:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\vlc
[2012.05.24 16:59:36 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Winamp
[2010.11.08 02:18:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\WinRAR
[2012.01.15 21:20:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\YCanPDF
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.02.20 19:30:23 | 000,010,134 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}\ARPPRODUCTICON.exe
[2010.11.08 02:10:53 | 000,018,718 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\ARPPRODUCTICON.exe
[2010.11.08 02:10:53 | 000,018,718 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
[2010.11.08 02:10:53 | 000,018,718 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\NewShortcut3_8315396A5EA1419DBEC4978284BDF556.exe
[2012.02.06 17:57:48 | 000,010,134 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.02.20 19:30:47 | 000,010,134 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Installer\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}\ARPPRODUCTICON.exe
[2010.12.21 20:37:58 | 000,040,960 | ---- | M] (ss) -- C:\Users\Admin\AppData\Roaming\PingTesterDataBas\PingIPscan2008112.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.05.24 18:20:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.05.24 22:20:12 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.22 20:37:50 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.05.22 20:37:49 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.05.24 15:02:32 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Nektra OEAPI" =
"OEXPRESS" =
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.05.22 20:58:37 | 000,880,496 | ---- | M] (BitTorrent, Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.04.25 16:41:12 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.24 22:14:42 | 000,000,512 | ---- | M] () MD5=6C9C447CB87888BBE17167F88CC485AE -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2005.09.02 19:17:26 | 000,018,565 | R--- | M] () -- \Program Files (x86)\Ansoft\Designer2\Ansoft.Designer.V2.2.Crack-EFA.exe
[2001.02.09 13:03:12 | 000,000,483 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\crackb.m
[2003.10.21 08:26:04 | 000,002,931 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\crackg.m
[2005.03.07 13:35:58 | 000,000,091 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\ja\crackb.m
[2005.03.07 13:36:00 | 000,000,582 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\pde\ja\crackg.m
[2001.08.15 01:31:08 | 000,030,054 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Components\InventorView2012\Application Data\Autodesk\Inventor View 2012\Textures\surfaces\Cracks.bmp
[2001.08.15 01:31:08 | 000,030,054 | ---- | M] () -- \Users\Public\Documents\Autodesk\Inventor View 2012\Textures\surfaces\Cracks.bmp
< *keygen* /s >
[2011.08.29 21:31:53 | 000,020,009 | ---- | M] () -- \Users\Admin\AppData\Roaming\uTorrent\PC Translator 2007 full ISO(CZ)+Keygen.torrent
< *loader* /s >
[2011.08.30 11:56:58 | 000,000,020 | ---- | M] () -- \Program Files (x86)\Atmel\AVR Tools\AVR Toolchain\doc\avr-libc\man\man3\BOOTLOADER_SECTION.3
[2011.08.25 21:42:46 | 000,067,584 | ---- | M] () -- \Program Files (x86)\Atmel\AVR Tools\AvrStudio4\dll\AvrBootloader.dll
[2011.08.25 21:42:48 | 000,006,656 | ---- | M] () -- \Program Files (x86)\Atmel\AVR Tools\AvrStudio4\dll\AvrBootloaderps.dll
[2010.03.19 00:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.18 01:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2009.11.08 22:01:54 | 000,249,672 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009.11.08 22:01:54 | 000,018,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.11.28 14:44:06 | 000,001,729 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATFMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,000,620 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATMMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,000,072 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOMCATSDMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,001,305 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOMLoadError.CATNls
[2009.11.28 14:44:14 | 000,003,663 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOMSaveLoadError.CATNls
[2009.11.28 14:44:14 | 000,004,931 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATOsmSaveLoadError.CATNls
[2009.11.28 14:44:20 | 000,000,644 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATSmBOMSaveLoadError.CATNls
[2009.11.28 14:44:22 | 000,000,100 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\CATStandardSaveLoadError.CATNls
[2009.11.28 14:44:22 | 000,000,856 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\intel_a\resources\msgcatalog\OMCATSaveLoadError.CATNls
[2009.11.28 14:45:52 | 000,001,729 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATFMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,000,620 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATMMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,000,072 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOMCATSDMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,001,305 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOMLoadError.CATNls
[2009.11.28 14:46:00 | 000,003,663 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOMSaveLoadError.CATNls
[2009.11.28 14:46:00 | 000,004,931 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATOsmSaveLoadError.CATNls
[2009.11.28 14:46:06 | 000,000,644 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATSmBOMSaveLoadError.CATNls
[2009.11.28 14:46:06 | 000,000,100 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\CATStandardSaveLoadError.CATNls
[2009.11.28 14:46:08 | 000,000,856 | ---- | M] () -- \Program Files (x86)\CST STUDIO SUITE 2010\lib3dx\win_b64\resources\msgcatalog\OMCATSaveLoadError.CATNls
[2012.05.08 10:59:16 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\TLoader.exe
[2008.02.08 01:09:42 | 000,014,087 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\help\toolbox\javabuilder\MWArrayAPI\com\mathworks\toolbox\javabuilder\MWCtfClassLoaderSource.html
[2003.07.10 00:11:38 | 000,011,436 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\AutoLoader.pm
[2005.09.12 14:21:36 | 000,000,727 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\ByteLoader.pm
[2007.01.23 16:58:08 | 000,028,960 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\DynaLoader.pm
[2003.08.14 00:44:12 | 000,012,953 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\SelfLoader.pm
[2007.01.23 16:58:08 | 000,010,818 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\XSLoader.pm
[2007.01.23 16:58:30 | 000,000,000 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.bs
[2007.01.23 16:58:28 | 000,028,782 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.dll
[2007.01.23 16:58:28 | 000,000,817 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.exp
[2007.01.23 16:58:28 | 000,002,212 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.lib
[2003.07.10 00:11:48 | 000,001,324 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\perl\win32\lib\Locale\Maketext\GutsLoader.pm
[2008.01.17 21:28:28 | 000,002,828 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\sys\webrenderer\windows\corecomponents\components\uriloader.xpt
[2008.01.11 16:15:06 | 000,005,493 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\instrument\instrument\private\privateIviComLoader.m
[2004.07.12 14:09:10 | 000,000,215 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\local\classloader.txt
[2007.11.17 17:57:22 | 000,000,382 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\multilink\multilink\util\mu_loaderrortable.m
[2007.11.12 20:15:38 | 000,003,883 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\rtw\targets\mpc555dk\mpc555dk\mpc555_launch_downloader.m
[2008.01.18 01:01:36 | 000,000,925 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\rtw\targets\mpc555dk\mpc555dk\mpc555_launch_downloader.p
[2007.12.06 14:47:18 | 000,002,747 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\rtw\targets\xpc\xpc\bin\bootloader.bin
[2008.01.24 01:34:36 | 000,010,240 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\simbio\simbio\private\sysbioloader.mexw32
[2008.01.24 01:32:20 | 000,011,264 | ---- | M] () -- \Program Files (x86)\MATLAB\R2008a\toolbox\simbio\simbio\private\sysbioloader.mexw64
[2009.07.22 10:17:52 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2010.03.19 00:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010.03.18 02:57:18 | 000,001,373 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010.03.18 01:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009.08.31 05:51:22 | 000,001,648 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009.08.31 05:51:22 | 000,004,525 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2010.11.11 16:56:40 | 000,379,396 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\luatexbase-loader.pdf
[2010.11.11 16:56:40 | 000,000,555 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-latex.tex
[2010.11.11 16:56:40 | 000,000,548 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-plain.tex
[2010.11.11 16:56:40 | 000,000,411 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.lua
[2010.11.11 16:56:40 | 000,000,419 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.sub.lua
[2010.05.01 23:11:23 | 000,003,471 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\generic\oberdiek\luatex-loader.sty
[2010.08.05 23:18:41 | 000,001,585 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\generic\pgfplots\oldpgfcompatib\pgfplotsoldpgfsupp_loader.code.tex
[2010.11.11 16:56:40 | 000,002,580 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase-loader.sty
[2010.11.11 16:56:40 | 000,002,075 | ---- | M] () -- \Program Files (x86)\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase.loader.lua
[2010.06.07 22:11:08 | 000,006,262 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2010.11.08 16:08:36 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 22:19:10 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.11.08 16:08:41 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 17:21:40 | 000,003,874 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2011.02.10 18:08:10 | 000,000,123 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\contrib\loader.sce
[2011.04.15 00:33:42 | 000,000,601 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\contrib\xcos_toolbox_skeleton\sci_gateway\loader_gateway.sce
[2011.07.20 11:05:56 | 000,031,152 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\dynamic_link\macros\ilib_gen_loader.bin
[2011.02.10 18:08:12 | 000,007,834 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\dynamic_link\macros\ilib_gen_loader.sci
[2011.07.20 11:06:10 | 000,009,888 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_gateway_loader.bin
[2011.02.10 18:08:34 | 000,003,166 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_gateway_loader.sci
[2011.07.20 11:06:10 | 000,007,904 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_help_loader.bin
[2011.02.10 18:08:34 | 000,002,501 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_help_loader.sci
[2011.07.20 11:06:10 | 000,008,364 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_loader.bin
[2011.02.10 18:08:34 | 000,002,663 | ---- | M] () -- \Program Files (x86)\scilab-5.3.3\modules\modules_manager\macros\tbx_build_loader.sci
[2012.02.02 17:09:00 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2008.05.27 11:43:24 | 000,001,666 | ---- | M] () -- \Program Files (x86)\Zaklínač\System\Scripts\CSkinLoader.luc
[2010.01.21 07:48:10 | 000,030,056 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2011\AecLoader.arx
[2011.02.04 11:43:34 | 000,177,376 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AcAutoLoader.arx
[2011.02.04 11:44:29 | 000,008,416 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AcAutoLoaderRes.dll
[2011.02.04 11:42:38 | 000,408,288 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AdDownloaderCore.dll
[2011.01.18 00:43:08 | 000,027,016 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AecLoader.arx
[2011.02.25 23:58:18 | 000,856,064 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\Acade\AceLoader.dll
[2010.11.24 13:35:32 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\AdExchange\loader.gif
[2012.02.06 17:53:20 | 000,000,390 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Acade 2012\Help\contexthelp\APPAUTOLOADER.htm
[2011.02.15 02:34:44 | 004,864,352 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader.exe
[2010.12.02 17:06:28 | 000,009,533 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader.exe.config
[2011.01.24 17:17:32 | 000,333,030 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Help_Autoloader.chm
[2010.04.19 15:40:24 | 000,005,644 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2010.04.19 15:40:24 | 000,011,500 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2010.04.19 15:40:24 | 000,019,316 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl
[2009.06.12 20:03:00 | 000,000,000 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\AutoCAD Electrial 2012\Vault 2012\Autoloader\Explorer\Loc\Autoloader.resources.dll
[2011.02.04 11:43:34 | 000,177,376 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AcAutoLoader.arx
[2011.02.04 11:42:38 | 000,408,288 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AdDownloaderCore.dll
[2011.01.18 00:43:08 | 000,027,016 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AecLoader.arx
[2011.02.25 23:58:18 | 000,856,064 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\Acade\AceLoader.dll
[2010.11.24 13:35:32 | 000,003,208 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Acade\Program Files\Autodesk\Root\AdExchange\loader.gif
[2011.02.04 13:15:30 | 000,024,800 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\Components\DWGVIEWER2012\Program Files\DWG TrueView 2012\AecLoader.arx
[2011.02.04 11:44:29 | 000,008,416 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\en-US\Acade\Acad\Program Files\Root\AcAutoLoaderRes.dll
[2011.01.24 17:17:32 | 000,333,030 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\en-US\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Help_Autoloader.chm
[2009.06.12 20:03:00 | 000,000,000 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\en-US\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Loc\Autoloader.resources.dll
[2011.02.15 02:34:44 | 004,864,352 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader.exe
[2010.12.02 17:06:28 | 000,009,533 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader.exe.config
[2010.04.19 15:40:24 | 000,005,644 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2010.04.19 15:40:24 | 000,011,500 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2010.04.19 15:40:24 | 000,019,316 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl
[2010.04.19 15:48:24 | 000,003,702 | R--- | M] () -- \Program Files\Autodesk\AutoCAD 2012 elektro\x64\vault\Program Files\Autodesk\Vault 2012\Samples\Autoloader\Inventor 2012\Padlock\Autoloader.ipj
[2011.02.04 13:15:30 | 000,024,800 | ---- | M] () -- \Program Files\Autodesk\DWG TrueView 2012\AecLoader.arx
[2009.11.08 22:01:54 | 000,370,504 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2009.11.08 22:01:54 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2007.03.28 18:17:28 | 000,002,828 | ---- | M] () -- \Program Files\Longman\Longman Business English Dictionary\components\uriloader.xpt
[2011.09.25 14:01:02 | 002,777,955 | ---- | M] () -- \Program Files\Maple 15\java\wksloader.jar
[2009.07.22 10:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2009.07.22 10:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2010.03.15 12:27:18 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.02.06 18:05:11 | 000,001,782 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Data Management\Tools\Autodesk Autoloader 2012 for Vault.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.02.20 12:53:06 | 000,015,456 | ---- | M] () -- \Users\Admin\AppData\Roaming\uTorrent\Hromy.a.Blesky.2000.DVDRip.Xvid.CZ.by.D4rR.of.PowerUploaders.avi.torrent
[2011.01.30 23:15:32 | 000,014,375 | ---- | M] () -- \Users\Admin\AppData\Roaming\uTorrent\Legenda.o.sovich.strazcich.2010.DVDRip.XviD.CZ-iMAGiN.by.D4rR.of.PowerUploaders.avi.torrent
[2012.02.06 18:05:11 | 000,001,729 | ---- | M] () -- \Users\Admin\Documents\inventor\Autoloader.ipj.lnk
[2012.02.06 18:05:11 | 000,001,782 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Data Management\Tools\Autodesk Autoloader 2012 for Vault.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010.04.19 15:48:24 | 000,003,702 | ---- | M] () -- \Users\Public\Documents\Autodesk\Vault 2012\Samples\Autoloader\Inventor 2012\Padlock\Autoloader.ipj
[2012.02.05 23:35:33 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enUS-tools-downloader.exe
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.09 23:26:54 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.09 23:26:54 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.10.09 23:26:55 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.10.09 23:26:55 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.10.09 23:26:55 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Re: Preventivně LOG
Extras.Txt
OTL Extras logfile created on: 24.5.2012 22:12:53 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,93 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,98% Memory free
16,15 Gb Paging File | 13,68 Gb Available in Paging File | 84,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 46,94 Gb Free Space | 27,18% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 41,75 Gb Free Space | 8,96% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 94,04 Gb Free Space | 32,10% Space Free | Partition Type: NTFS
Computer Name: STOLNI-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02201AAB-D540-495C-9760-0911C477686D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{02F21AEA-E2D8-4335-82D8-5EB1F041F51E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{09463D99-CB13-4778-A85A-E8505846FF55}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B95B5DE-18EE-47F9-A8D8-E96839A64387}" = lport=2869 | protocol=6 | dir=in | app=system |
"{113A8F62-6FBE-41B5-9647-C5BF696A1803}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1CE4431E-9DED-4E8C-B0B1-EB358999F5B1}" = lport=445 | protocol=6 | dir=in | app=system |
"{1DC6839E-F6B6-4A34-BC07-4907F18B5590}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2421A490-87E2-4FF6-A96A-35C8DCF15710}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3599A6BD-0CBC-48B3-B2C6-62DF4890DDC5}" = rport=139 | protocol=6 | dir=out | app=system |
"{44EC85D0-50FA-413D-AED6-8F1D16EE6C3A}" = lport=138 | protocol=17 | dir=in | app=system |
"{4C6A182F-7F28-4C89-B833-D7F96AF189DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5D74C546-C232-426D-B66F-C3F46FCB904D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F8DA6F9-D6E5-46C9-B35D-09E1266D94B7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{63EC15D1-DE21-45D7-909F-F9C60B755320}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{78C26D16-9F6D-4ABA-8BF3-1A7D290CDDFA}" = lport=137 | protocol=17 | dir=in | app=system |
"{7CD4CBC0-9A03-41B0-AF00-2B9E2D3A52AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{864BCBAE-0BA6-45AE-B018-3B48790A6896}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F4B9F07-42D9-42AE-AAEB-7000D182530F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA40E661-C147-411C-BB3C-15917AC37954}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B4724681-FC10-4DB1-8186-F896C25051F7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1B7AEEE-76C1-4BE7-96A1-68A6CA6DD7D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{C4ADAE61-3996-4657-8194-01158B28CE42}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C681EA60-9A0D-46C9-9F41-E39DCBA57201}" = rport=138 | protocol=17 | dir=out | app=system |
"{C8B9BB85-F24A-4835-A86C-CE8545C05596}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CE81D872-EBF7-460E-AB55-47DBB155CB94}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D217BC07-2F93-44D6-B35B-7FD7A4235F56}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D490B78B-6A1D-46E4-AB5B-D3ADA44FEDBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6BFD905-5D7A-47CC-8413-5CC63F5A76AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{EB87E371-E733-48C5-B69B-BF275EA3C47D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F2532076-0FED-4053-912F-28ACAB20316E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F4818DB2-F450-4557-925C-D02A056567F0}" = rport=137 | protocol=17 | dir=out | app=system |
"{FD09E175-C405-4886-933C-132CDCB6A263}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011616F3-714C-4264-A967-EA4105BD39B2}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\cstsmpd_amd64.exe |
"{122DBCE9-34D6-450A-A510-F5DCF95E2365}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1620A369-585D-4B92-B3BA-53B8102FE0BC}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{1A8EFC57-BFFB-4971-B0EB-917A8EF42AA1}" = protocol=6 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{2086FFCB-EE43-4DB0-834F-588868B8C838}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2481AE4C-7F82-4E76-8795-9EE2B2DD92CE}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cst design environment.exe |
"{24D29454-EDEF-4C3F-BE04-57AAEBE63C2E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2684DB52-345D-48B1-A395-2919FF85EB31}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc main controller\cstdcmaincontroller.exe |
"{30565F36-E4FA-476D-9EB5-17D5057F186D}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{33B59CBB-61B4-4152-8181-F178206023AB}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3585170B-5C5B-4F7F-9C15-2C0921C202CB}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\mpiexec_amd64.exe |
"{3A299115-8E95-4CDD-A9F3-9147BA92284F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4098C873-6EB2-454F-82B4-909B39A48311}" = protocol=6 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{412E264F-4013-4038-A231-BCC67EFE6546}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc main controller\cstdcmaincontroller.exe |
"{47321227-D6FF-412C-8666-AF00A1089B47}" = protocol=17 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"{4761D866-73E8-4FA9-BB72-74F03F783CB4}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cstsmpd.exe |
"{48BCD707-06DD-4E1F-A9D7-C1E4B50E9194}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\mpiexec_amd64.exe |
"{5658F494-4086-41A8-AF8C-A6DF7218387E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{56E0FEAD-CF41-4079-AFA5-496A3479E968}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\modeler_amd64.exe |
"{583B1D78-EA08-49B9-B7A4-C0E9F0F398FE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5C0E01B5-D2CA-45A6-B6D0-0B5C4E5737F3}" = protocol=6 | dir=out | app=system |
"{65A9ECF7-1FED-4094-A48C-3459C3F64ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc solver server\cstdcsolverserver.exe |
"{66A32ED3-0F2F-4913-A39D-CC4CDAAB59BD}" = protocol=17 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{6ECB87C6-0BBF-496D-9428-F0B0BB2728FD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F2D4925-A293-402A-903B-4E6CD870105C}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{6F3BC9D9-D788-424F-83E5-344CC0774A88}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cst design environment.exe |
"{716E8665-CC45-4397-B019-BB5B71DDF486}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\mpiexec.exe |
"{71CBB49A-FD0C-4B7A-8C23-E987837CF8B2}" = protocol=6 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"{721473CC-36E8-4DF2-8D40-38CC40A30A8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77C31E03-A578-431D-88F4-1D5B950D40F6}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cstsmpd.exe |
"{7CC26D56-0BE3-4E85-8A4C-CD100482571F}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\modeler.exe |
"{7DBE8C8B-8434-4A99-AFB8-A996E3BD908D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F4B3B9E-0A50-4EFB-B2DB-BC9B6619F9DE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{80BC5ABA-EB04-4BF6-88EF-99979947CE61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{829EF40C-F630-46C2-92A6-F18ADF6606E6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8A849ACC-FA2A-497B-AEB4-8AF26A103753}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\mpiexec.exe |
"{929E32A5-EF20-4B08-8058-ED8A56E2A788}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{986F1DDD-55EF-43A3-9986-6FB03D95284F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{BF5DEAC0-7FDE-4E2D-B0D9-A14EA086985D}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\paracontrol_amd64.exe |
"{C0A4928B-F5B2-4B0A-869B-A8625B105D27}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\modeler_amd64.exe |
"{C1033673-3934-4407-98DB-C94B8427F9C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CC259B18-878C-43D0-A1AF-317A3F3CDB4A}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\paracontrol_amd64.exe |
"{CF69AE21-67BD-4DC3-8912-A4A180F1E144}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D298C669-B456-48BC-85B6-7747900834FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D59CF6C5-4D92-4DD9-A2E9-B01CD94FE661}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D6EB327E-0D70-4D94-982A-E82B5042D90D}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{D9A1C8C4-ED2C-4EDF-B121-9DCCEF25EB26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD5D5960-F299-4BE2-9F8C-99291A098712}" = protocol=17 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{E000E79C-5F6B-4D92-A57A-8A1CA476A94A}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\cstsmpd_amd64.exe |
"{E41D1161-7A41-4ADA-B0B4-A0A4E8B353CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ECE6A68A-2497-4631-90EC-DB7A159799D8}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\modeler.exe |
"{EEE2A338-9DE7-4D4D-89F9-1C96A0F4A2DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F06DD611-22D2-4007-99A6-6C25D91ABAEB}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\paracontrol.exe |
"{F31A2BD9-9A23-40FD-B87A-D08E7D94B87B}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\paracontrol.exe |
"{F9C9B3D7-5300-4054-B0E1-DF579D6F3FCE}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc solver server\cstdcsolverserver.exe |
"TCP Query User{43660564-C33C-40D4-8060-FEED2C4F8799}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{873CB0BC-E1DD-4F66-9237-78A455020BB2}C:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe |
"TCP Query User{C6836A87-6476-4D77-8366-6186162D1FBF}F:\epsonnet easyinstall\easyinstall.exe" = protocol=6 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"UDP Query User{228DD67D-AABD-45B0-B9B4-8B145024D72F}C:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe |
"UDP Query User{6E7A17ED-ADDA-4E94-99E0-B7C54657AE57}F:\epsonnet easyinstall\easyinstall.exe" = protocol=17 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"UDP Query User{ADD34C7F-002A-4A0A-A0B1-3D0878C68D3E}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{266597A9-1664-0000-0100-DCBF2B69166B}" = Autodesk Vault 2012 (Client) English Language Pack
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5783F2D7-9001-0405-0102-0060B0CE6BBA}" = AutoCAD 2011 - česky
"{5783F2D7-9001-0405-1102-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - česky
"{5783F2D7-A007-0409-0102-0060B0CE6BBA}" = AutoCAD Electrical 2012
"{5783F2D7-A007-0409-1102-0060B0CE6BBA}" = AutoCAD Electrical 2012 Language Pack - English
"{5783F2D7-A028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2012
"{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{76D6189D-1664-0400-0000-DFC2EE337EAC}" = Autodesk Inventor View 2012
"{76D6189D-1664-0400-0001-DFC2EE337EAC}" = Autodesk Inventor View 2012 English Language Pack
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CF526A26-1664-0000-0000-02E95019B628}" = Autodesk Vault 2012 (Client)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}" = Microsoft IntelliType Pro 7.1
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AutoCAD 2011 - česky" = AutoCAD 2011 - česky
"AutoCAD Electrical 2012" = AutoCAD Electrical 2012
"Autodesk Inventor View 2012" = Autodesk Inventor View 2012 English
"Canon LBP6300" = Canon LBP6300
"CCleaner" = CCleaner
"C-Media CM112 Like Sound Driver" = Genius USB Audio
"doPDF 7 printer_is1" = doPDF 7.3 printer
"DWG TrueView 2012" = DWG TrueView 2012
"Maple 15" = Maple 15
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"scilab-5.3.3 (64-bit)_is1" = scilab-5.3.3 (64-bit)
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{0B9E27C7-9ECD-4362-B311-030EA48F8E72}" = Crystal XI
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{106EF727-69C1-429D-ABCD-ACA6DEE582EF}" = CST STUDIO SUITE 2010
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1296CAF3-F007-4813-A95F-AD153F978DF1}" = AVRStudio4
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14.0 M020 Help
"{21742BF7-C002-40A7-9FF3-49D9A09DC3A8}" = AVRStudio4
"{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1" = Paint XP version 1.1
"{2517B7EA-6C03-4D86-A1B1-F3FE1C3BC03B}" = Radmin Viewer 3.4
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2CE5E313-EC49-4527-A752-6DC89FE51C0D}" = AVR Toolchain
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{333BECA0-DED8-4139-A516-8D9E44E22669}" = Kerio Personal Firewall
"{3A8C4C87-D460-488A-A0AA-8993F6D355B1}" = Radmin Server 3.4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{8796E14E-2031-463F-8A9A-31062B2652B4}" = Mathcad 14.0 M020
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CBC8738-C5D1-43A3-94EF-D867CD4E4C69}" = IP Calculator
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{B3131F98-FC4B-4931-9D01-723C61F1AFBD}_is1" = Yaho's Miranda Pack - Light Edition 4.8
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{C1AC4F7A-4B50-4903-882A-D61D3D13782D}" = AVR Studio 4.19
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVR Studio 4.19
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{DDC0FC3C-70D7-41F3-803A-C92484EE53AC}" = AVRStudio4
"{E3E2AC82-F1B6-4298-B770-55A956C285CF}" = Ansoft Designer 2.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}" = AVR Jungo USB
"{EB026BC8-E00C-499D-BD87-89A0566BEB0E}" = AVRStudio4
"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14.0 M020 Resource Center
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Zaklínač
"{F6A3CF9D-A775-41F6-AA22-68EF52893339}" = Release OrCAD 10.0
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"4nec2_is1" = 4nec2 full version 5.8.7
"4Story_CZ_is1" = 4Story CZ 3.9.78
"Absolute Uninstaller_is1" = Absolute Uninstaller 2.8.0.636
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk Vault 2012 (Client)" = Autodesk Vault 2012 (Client)
"avast" = avast! Free Antivirus
"DSMT6" = MathType 6
"Dude" = The Dude
"EAGLE 5.11.0" = EAGLE 5.11.0
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"Generic USB 112 Sound" = HS-04U
"GOM Player" = GOM Player
"Graph_is1" = Graph 4.3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"JpegResampler2010_is1" = Jpeg Resampler Vs 6+
"Maple 15" = Maple 15
"MatlabR2008a" = MATLAB R2008a
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"Mozilla Thunderbird 12.0.1 (x86 cs)" = Mozilla Thunderbird 12.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MV2Player" = MV2Player (remove only)
"NSIS_lbed" = Longman Business English Dictionary
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PokerStars" = PokerStars
"QUICKfind" = QUICKfind server v1.1
"Some PDF to Word Converter_is1" = Some PDF to Word Converter 1.5
"Ten Little Indians" = Ten Little Indians
"Totalcmd" = Total Commander (Remove or Repair)
"Universal Extractor_is1" = Universal Extractor 1.6
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.10
"Winamp" = Winamp
"WinDjView" = WinDjView 1.0
"World of Warcraft" = World of Warcraft
"Yagi Calculator_is1" = Yagi Calculator Version 2.6.4
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2012" = QIP 2012 4.0.7000
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.5.2012 0:00:04 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 0:00:04 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0x1590 Čas spuštění chybující aplikace: 0x01cd2f2a8b57bf87 Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: c95fe8e7-9b1d-11e1-a376-1c6f6544c60b
Error - 11.5.2012 0:09:57 | Computer Name = Stolni-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .
Error - 11.5.2012 7:51:48 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 7:52:06 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0xd30 Čas spuštění chybující aplikace: 0x01cd2f6c65f8331f Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: ba787da9-9b5f-11e1-a804-1c6f6544c60b
Error - 11.5.2012 7:52:24 | Computer Name = Stolni-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .
Error - 11.5.2012 7:53:17 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 7:53:19 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0x1410 Čas spuštění chybující aplikace: 0x01cd2f6ca5fcc577 Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: e618bb70-9b5f-11e1-a804-1c6f6544c60b
Error - 11.5.2012 7:53:48 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 7:53:48 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0x1574 Čas spuštění chybující aplikace: 0x01cd2f6cb997ac94 Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: f7b0ed34-9b5f-11e1-a804-1c6f6544c60b
[ System Events ]
Error - 24.5.2012 8:59:50 | Computer Name = Stolni-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\khips.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 24.5.2012 9:01:49 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby CST DC Main Controller 2010 bylo dosaženo
časového limitu (30000 ms).
Error - 24.5.2012 9:01:49 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7000
Description = Služba CST DC Main Controller 2010 neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 24.5.2012 9:02:22 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby CST DC Solver Server 2010 bylo dosaženo
časového limitu (30000 ms).
Error - 24.5.2012 9:02:22 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7000
Description = Služba CST DC Solver Server 2010 neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 24.5.2012 9:02:23 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7000
Description = Služba DS1410D neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 24.5.2012 9:04:09 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: fwdrv khips
Error - 24.5.2012 9:05:13 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7031
Description = Služba Autodesk Content Service byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat
službu.
Error - 24.5.2012 9:05:27 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7031
Description = Služba Autodesk Content Service byla nečekaně ukončena. Stalo se to
2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat
službu.
Error - 24.5.2012 9:05:38 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7034
Description = Služba Autodesk Content Service byla neočekávaně ukončena. Tento stav
nastal již 3krát.
< End of report >
OTL Extras logfile created on: 24.5.2012 22:12:53 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,93 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,98% Memory free
16,15 Gb Paging File | 13,68 Gb Available in Paging File | 84,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 46,94 Gb Free Space | 27,18% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 41,75 Gb Free Space | 8,96% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 94,04 Gb Free Space | 32,10% Space Free | Partition Type: NTFS
Computer Name: STOLNI-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02201AAB-D540-495C-9760-0911C477686D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{02F21AEA-E2D8-4335-82D8-5EB1F041F51E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{09463D99-CB13-4778-A85A-E8505846FF55}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B95B5DE-18EE-47F9-A8D8-E96839A64387}" = lport=2869 | protocol=6 | dir=in | app=system |
"{113A8F62-6FBE-41B5-9647-C5BF696A1803}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1CE4431E-9DED-4E8C-B0B1-EB358999F5B1}" = lport=445 | protocol=6 | dir=in | app=system |
"{1DC6839E-F6B6-4A34-BC07-4907F18B5590}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2421A490-87E2-4FF6-A96A-35C8DCF15710}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3599A6BD-0CBC-48B3-B2C6-62DF4890DDC5}" = rport=139 | protocol=6 | dir=out | app=system |
"{44EC85D0-50FA-413D-AED6-8F1D16EE6C3A}" = lport=138 | protocol=17 | dir=in | app=system |
"{4C6A182F-7F28-4C89-B833-D7F96AF189DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5D74C546-C232-426D-B66F-C3F46FCB904D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F8DA6F9-D6E5-46C9-B35D-09E1266D94B7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{63EC15D1-DE21-45D7-909F-F9C60B755320}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{78C26D16-9F6D-4ABA-8BF3-1A7D290CDDFA}" = lport=137 | protocol=17 | dir=in | app=system |
"{7CD4CBC0-9A03-41B0-AF00-2B9E2D3A52AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{864BCBAE-0BA6-45AE-B018-3B48790A6896}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F4B9F07-42D9-42AE-AAEB-7000D182530F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA40E661-C147-411C-BB3C-15917AC37954}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B4724681-FC10-4DB1-8186-F896C25051F7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1B7AEEE-76C1-4BE7-96A1-68A6CA6DD7D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{C4ADAE61-3996-4657-8194-01158B28CE42}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C681EA60-9A0D-46C9-9F41-E39DCBA57201}" = rport=138 | protocol=17 | dir=out | app=system |
"{C8B9BB85-F24A-4835-A86C-CE8545C05596}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CE81D872-EBF7-460E-AB55-47DBB155CB94}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D217BC07-2F93-44D6-B35B-7FD7A4235F56}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D490B78B-6A1D-46E4-AB5B-D3ADA44FEDBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6BFD905-5D7A-47CC-8413-5CC63F5A76AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{EB87E371-E733-48C5-B69B-BF275EA3C47D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F2532076-0FED-4053-912F-28ACAB20316E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F4818DB2-F450-4557-925C-D02A056567F0}" = rport=137 | protocol=17 | dir=out | app=system |
"{FD09E175-C405-4886-933C-132CDCB6A263}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011616F3-714C-4264-A967-EA4105BD39B2}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\cstsmpd_amd64.exe |
"{122DBCE9-34D6-450A-A510-F5DCF95E2365}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1620A369-585D-4B92-B3BA-53B8102FE0BC}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{1A8EFC57-BFFB-4971-B0EB-917A8EF42AA1}" = protocol=6 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{2086FFCB-EE43-4DB0-834F-588868B8C838}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2481AE4C-7F82-4E76-8795-9EE2B2DD92CE}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cst design environment.exe |
"{24D29454-EDEF-4C3F-BE04-57AAEBE63C2E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2684DB52-345D-48B1-A395-2919FF85EB31}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc main controller\cstdcmaincontroller.exe |
"{30565F36-E4FA-476D-9EB5-17D5057F186D}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{33B59CBB-61B4-4152-8181-F178206023AB}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3585170B-5C5B-4F7F-9C15-2C0921C202CB}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\mpiexec_amd64.exe |
"{3A299115-8E95-4CDD-A9F3-9147BA92284F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4098C873-6EB2-454F-82B4-909B39A48311}" = protocol=6 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{412E264F-4013-4038-A231-BCC67EFE6546}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc main controller\cstdcmaincontroller.exe |
"{47321227-D6FF-412C-8666-AF00A1089B47}" = protocol=17 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"{4761D866-73E8-4FA9-BB72-74F03F783CB4}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cstsmpd.exe |
"{48BCD707-06DD-4E1F-A9D7-C1E4B50E9194}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\mpiexec_amd64.exe |
"{5658F494-4086-41A8-AF8C-A6DF7218387E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{56E0FEAD-CF41-4079-AFA5-496A3479E968}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\modeler_amd64.exe |
"{583B1D78-EA08-49B9-B7A4-C0E9F0F398FE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5C0E01B5-D2CA-45A6-B6D0-0B5C4E5737F3}" = protocol=6 | dir=out | app=system |
"{65A9ECF7-1FED-4094-A48C-3459C3F64ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc solver server\cstdcsolverserver.exe |
"{66A32ED3-0F2F-4913-A39D-CC4CDAAB59BD}" = protocol=17 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{6ECB87C6-0BBF-496D-9428-F0B0BB2728FD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F2D4925-A293-402A-903B-4E6CD870105C}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{6F3BC9D9-D788-424F-83E5-344CC0774A88}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cst design environment.exe |
"{716E8665-CC45-4397-B019-BB5B71DDF486}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\mpiexec.exe |
"{71CBB49A-FD0C-4B7A-8C23-E987837CF8B2}" = protocol=6 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"{721473CC-36E8-4DF2-8D40-38CC40A30A8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77C31E03-A578-431D-88F4-1D5B950D40F6}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\cstsmpd.exe |
"{7CC26D56-0BE3-4E85-8A4C-CD100482571F}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\modeler.exe |
"{7DBE8C8B-8434-4A99-AFB8-A996E3BD908D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F4B3B9E-0A50-4EFB-B2DB-BC9B6619F9DE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{80BC5ABA-EB04-4BF6-88EF-99979947CE61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{829EF40C-F630-46C2-92A6-F18ADF6606E6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8A849ACC-FA2A-497B-AEB4-8AF26A103753}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\mpiexec.exe |
"{929E32A5-EF20-4B08-8058-ED8A56E2A788}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{986F1DDD-55EF-43A3-9986-6FB03D95284F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{BF5DEAC0-7FDE-4E2D-B0D9-A14EA086985D}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\paracontrol_amd64.exe |
"{C0A4928B-F5B2-4B0A-869B-A8625B105D27}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\modeler_amd64.exe |
"{C1033673-3934-4407-98DB-C94B8427F9C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CC259B18-878C-43D0-A1AF-317A3F3CDB4A}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\paracontrol_amd64.exe |
"{CF69AE21-67BD-4DC3-8912-A4A180F1E144}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D298C669-B456-48BC-85B6-7747900834FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D59CF6C5-4D92-4DD9-A2E9-B01CD94FE661}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D6EB327E-0D70-4D94-982A-E82B5042D90D}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{D9A1C8C4-ED2C-4EDF-B121-9DCCEF25EB26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD5D5960-F299-4BE2-9F8C-99291A098712}" = protocol=17 | dir=in | app=c:\windows\syswow64\rserver30\rserver3.exe |
"{E000E79C-5F6B-4D92-A57A-8A1CA476A94A}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\amd64\cstsmpd_amd64.exe |
"{E41D1161-7A41-4ADA-B0B4-A0A4E8B353CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ECE6A68A-2497-4631-90EC-DB7A159799D8}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\modeler.exe |
"{EEE2A338-9DE7-4D4D-89F9-1C96A0F4A2DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F06DD611-22D2-4007-99A6-6C25D91ABAEB}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\paracontrol.exe |
"{F31A2BD9-9A23-40FD-B87A-D08E7D94B87B}" = protocol=6 | dir=in | app=c:\program files (x86)\cst studio suite 2010\paracontrol.exe |
"{F9C9B3D7-5300-4054-B0E1-DF579D6F3FCE}" = protocol=17 | dir=in | app=c:\program files (x86)\cst studio suite 2010\dc solver server\cstdcsolverserver.exe |
"TCP Query User{43660564-C33C-40D4-8060-FEED2C4F8799}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{873CB0BC-E1DD-4F66-9237-78A455020BB2}C:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe |
"TCP Query User{C6836A87-6476-4D77-8366-6186162D1FBF}F:\epsonnet easyinstall\easyinstall.exe" = protocol=6 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"UDP Query User{228DD67D-AABD-45B0-B9B4-8B145024D72F}C:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kerio\personal firewall 4\kpf4gui.exe |
"UDP Query User{6E7A17ED-ADDA-4E94-99E0-B7C54657AE57}F:\epsonnet easyinstall\easyinstall.exe" = protocol=17 | dir=in | app=f:\epsonnet easyinstall\easyinstall.exe |
"UDP Query User{ADD34C7F-002A-4A0A-A0B1-3D0878C68D3E}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{266597A9-1664-0000-0100-DCBF2B69166B}" = Autodesk Vault 2012 (Client) English Language Pack
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5783F2D7-9001-0405-0102-0060B0CE6BBA}" = AutoCAD 2011 - česky
"{5783F2D7-9001-0405-1102-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - česky
"{5783F2D7-A007-0409-0102-0060B0CE6BBA}" = AutoCAD Electrical 2012
"{5783F2D7-A007-0409-1102-0060B0CE6BBA}" = AutoCAD Electrical 2012 Language Pack - English
"{5783F2D7-A028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2012
"{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{76D6189D-1664-0400-0000-DFC2EE337EAC}" = Autodesk Inventor View 2012
"{76D6189D-1664-0400-0001-DFC2EE337EAC}" = Autodesk Inventor View 2012 English Language Pack
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CF526A26-1664-0000-0000-02E95019B628}" = Autodesk Vault 2012 (Client)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}" = Microsoft IntelliType Pro 7.1
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AutoCAD 2011 - česky" = AutoCAD 2011 - česky
"AutoCAD Electrical 2012" = AutoCAD Electrical 2012
"Autodesk Inventor View 2012" = Autodesk Inventor View 2012 English
"Canon LBP6300" = Canon LBP6300
"CCleaner" = CCleaner
"C-Media CM112 Like Sound Driver" = Genius USB Audio
"doPDF 7 printer_is1" = doPDF 7.3 printer
"DWG TrueView 2012" = DWG TrueView 2012
"Maple 15" = Maple 15
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"scilab-5.3.3 (64-bit)_is1" = scilab-5.3.3 (64-bit)
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{0B9E27C7-9ECD-4362-B311-030EA48F8E72}" = Crystal XI
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{106EF727-69C1-429D-ABCD-ACA6DEE582EF}" = CST STUDIO SUITE 2010
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1296CAF3-F007-4813-A95F-AD153F978DF1}" = AVRStudio4
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14.0 M020 Help
"{21742BF7-C002-40A7-9FF3-49D9A09DC3A8}" = AVRStudio4
"{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1" = Paint XP version 1.1
"{2517B7EA-6C03-4D86-A1B1-F3FE1C3BC03B}" = Radmin Viewer 3.4
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2CE5E313-EC49-4527-A752-6DC89FE51C0D}" = AVR Toolchain
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{333BECA0-DED8-4139-A516-8D9E44E22669}" = Kerio Personal Firewall
"{3A8C4C87-D460-488A-A0AA-8993F6D355B1}" = Radmin Server 3.4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{8796E14E-2031-463F-8A9A-31062B2652B4}" = Mathcad 14.0 M020
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CBC8738-C5D1-43A3-94EF-D867CD4E4C69}" = IP Calculator
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{B3131F98-FC4B-4931-9D01-723C61F1AFBD}_is1" = Yaho's Miranda Pack - Light Edition 4.8
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{C1AC4F7A-4B50-4903-882A-D61D3D13782D}" = AVR Studio 4.19
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVR Studio 4.19
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{DDC0FC3C-70D7-41F3-803A-C92484EE53AC}" = AVRStudio4
"{E3E2AC82-F1B6-4298-B770-55A956C285CF}" = Ansoft Designer 2.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}" = AVR Jungo USB
"{EB026BC8-E00C-499D-BD87-89A0566BEB0E}" = AVRStudio4
"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14.0 M020 Resource Center
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Zaklínač
"{F6A3CF9D-A775-41F6-AA22-68EF52893339}" = Release OrCAD 10.0
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"4nec2_is1" = 4nec2 full version 5.8.7
"4Story_CZ_is1" = 4Story CZ 3.9.78
"Absolute Uninstaller_is1" = Absolute Uninstaller 2.8.0.636
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk Vault 2012 (Client)" = Autodesk Vault 2012 (Client)
"avast" = avast! Free Antivirus
"DSMT6" = MathType 6
"Dude" = The Dude
"EAGLE 5.11.0" = EAGLE 5.11.0
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"Generic USB 112 Sound" = HS-04U
"GOM Player" = GOM Player
"Graph_is1" = Graph 4.3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"JpegResampler2010_is1" = Jpeg Resampler Vs 6+
"Maple 15" = Maple 15
"MatlabR2008a" = MATLAB R2008a
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"Mozilla Thunderbird 12.0.1 (x86 cs)" = Mozilla Thunderbird 12.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MV2Player" = MV2Player (remove only)
"NSIS_lbed" = Longman Business English Dictionary
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PokerStars" = PokerStars
"QUICKfind" = QUICKfind server v1.1
"Some PDF to Word Converter_is1" = Some PDF to Word Converter 1.5
"Ten Little Indians" = Ten Little Indians
"Totalcmd" = Total Commander (Remove or Repair)
"Universal Extractor_is1" = Universal Extractor 1.6
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.10
"Winamp" = Winamp
"WinDjView" = WinDjView 1.0
"World of Warcraft" = World of Warcraft
"Yagi Calculator_is1" = Yagi Calculator Version 2.6.4
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2012" = QIP 2012 4.0.7000
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.5.2012 0:00:04 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 0:00:04 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0x1590 Čas spuštění chybující aplikace: 0x01cd2f2a8b57bf87 Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: c95fe8e7-9b1d-11e1-a376-1c6f6544c60b
Error - 11.5.2012 0:09:57 | Computer Name = Stolni-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .
Error - 11.5.2012 7:51:48 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 7:52:06 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0xd30 Čas spuštění chybující aplikace: 0x01cd2f6c65f8331f Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: ba787da9-9b5f-11e1-a804-1c6f6544c60b
Error - 11.5.2012 7:52:24 | Computer Name = Stolni-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .
Error - 11.5.2012 7:53:17 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 7:53:19 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0x1410 Čas spuštění chybující aplikace: 0x01cd2f6ca5fcc577 Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: e618bb70-9b5f-11e1-a804-1c6f6544c60b
Error - 11.5.2012 7:53:48 | Computer Name = Stolni-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 11.5.2012 7:53:48 | Computer Name = Stolni-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Connect.Service.ContentService.exe, verze:
2.0.90.0, časové razítko: 0x4d49aaf8 Název chybujícího modulu: KERNELBASE.dll, verze:
6.1.7601.17651, časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc
ID
chybujícího procesu: 0x1574 Čas spuštění chybující aplikace: 0x01cd2f6cb997ac94 Cesta
k chybující aplikaci: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: f7b0ed34-9b5f-11e1-a804-1c6f6544c60b
[ System Events ]
Error - 24.5.2012 8:59:50 | Computer Name = Stolni-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\khips.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 24.5.2012 9:01:49 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby CST DC Main Controller 2010 bylo dosaženo
časového limitu (30000 ms).
Error - 24.5.2012 9:01:49 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7000
Description = Služba CST DC Main Controller 2010 neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 24.5.2012 9:02:22 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby CST DC Solver Server 2010 bylo dosaženo
časového limitu (30000 ms).
Error - 24.5.2012 9:02:22 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7000
Description = Služba CST DC Solver Server 2010 neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 24.5.2012 9:02:23 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7000
Description = Služba DS1410D neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 24.5.2012 9:04:09 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: fwdrv khips
Error - 24.5.2012 9:05:13 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7031
Description = Služba Autodesk Content Service byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat
službu.
Error - 24.5.2012 9:05:27 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7031
Description = Služba Autodesk Content Service byla nečekaně ukončena. Stalo se to
2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat
službu.
Error - 24.5.2012 9:05:38 | Computer Name = Stolni-PC | Source = Service Control Manager | ID = 7034
Description = Služba Autodesk Content Service byla neočekávaně ukončena. Tento stav
nastal již 3krát.
< End of report >
Re: Preventivně LOG
Tohle Windows7Loader.exe ale asi nebude simulator akvarijnich rybicek,ale spise crack na windows, ktere mate "koupene", takze? Pravidla fora jsou docela jasna...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivně LOG
Aha, tak to se omlouvám.
Re: Preventivně LOG
za co? ze tu ze me se snazite delat medvidky ze jste si windows cracknul a me nutite ze je mate koupeny
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivně LOG
No jak jsem psal PC jsem dostal, nic jsem ne-crackoval. Windows jsem nekupoval už tam byli.
Re: Preventivně LOG
Tentokrate poresime, priste bude pomoc s nelegalnimi windows odmitnuta dle pravidel fora Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14597&l=dis IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes,DefaultScope = {87B99FE4-8700-407d-B86B-1EB3DD7CC324} IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109993&babsrc=SP_ss&mntrId=2c6a48620000000000001c6f6544c60b IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{26F9DBB6-F8BF-4f30-AD1A-2CAB21E25A87}: "URL" = http://www.google.com/cse?cx=partner-pu ... e=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346 IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{87B99FE4-8700-407d-B86B-1EB3DD7CC324}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM IE - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..\SearchScopes\{C91BEE9B-7AAC-40d1-9F6C-4CA995538949}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109993&babsrc=adbartrp&mntrId=2c6a48620000000000001c6f6544c60b&q=" [2012.03.03 15:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O33 - MountPoints2\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\Shell - "" = AutoRun [2012.05.24 18:20:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.05.24 22:20:12 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job :services gupdate gupdatem :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Nektra OEAPI"=- "OEXPRESS"=- "Infium"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] /64 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut] /64 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "CSTDCMainController2010"=- "CSTDCSolverServer2010"=- "BCU"=- :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivně LOG
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\ deleted successfully.
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll moved successfully.
HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{26F9DBB6-F8BF-4f30-AD1A-2CAB21E25A87}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26F9DBB6-F8BF-4f30-AD1A-2CAB21E25A87}\ not found.
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{87B99FE4-8700-407d-B86B-1EB3DD7CC324}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87B99FE4-8700-407d-B86B-1EB3DD7CC324}\ not found.
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C91BEE9B-7AAC-40d1-9F6C-4CA995538949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C91BEE9B-7AAC-40d1-9F6C-4CA995538949}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "http://search.babylon.com/?AF=109993&ba ... 544c60b&q=" removed from keyword.URL
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com folder moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:SystemPropertiesPerformance.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:userinit.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:SystemPropertiesPerformance.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\ not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CSTDCMainController2010 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CSTDCSolverServer2010 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BCU deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 4629642 bytes
->Temporary Internet Files folder emptied: 3117221 bytes
->Java cache emptied: 18748743 bytes
->FireFox cache emptied: 564537697 bytes
->Flash cache emptied: 4841 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1662 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 10044194177 bytes
Total Files Cleaned = 10 143,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.43.1 log created on 05252012_215023
Files\Folders moved on Reboot...
C:\Users\Admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\ deleted successfully.
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll moved successfully.
HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{26F9DBB6-F8BF-4f30-AD1A-2CAB21E25A87}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26F9DBB6-F8BF-4f30-AD1A-2CAB21E25A87}\ not found.
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{87B99FE4-8700-407d-B86B-1EB3DD7CC324}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87B99FE4-8700-407d-B86B-1EB3DD7CC324}\ not found.
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C91BEE9B-7AAC-40d1-9F6C-4CA995538949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C91BEE9B-7AAC-40d1-9F6C-4CA995538949}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "http://search.babylon.com/?AF=109993&ba ... 544c60b&q=" removed from keyword.URL
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com folder moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2528120436-1575494726-1815414232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:SystemPropertiesPerformance.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:userinit.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:SystemPropertiesPerformance.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98b8c740-52eb-11e1-acfb-1c6f6544c60b}\ not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CSTDCMainController2010 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CSTDCSolverServer2010 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BCU deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 4629642 bytes
->Temporary Internet Files folder emptied: 3117221 bytes
->Java cache emptied: 18748743 bytes
->FireFox cache emptied: 564537697 bytes
->Flash cache emptied: 4841 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1662 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 10044194177 bytes
Total Files Cleaned = 10 143,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.43.1 log created on 05252012_215023
Files\Folders moved on Reboot...
C:\Users\Admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Preventivně LOG
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Doporucuji provest defragmentaci disku
- Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
- Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
- Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace
Napiste co PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?