
Virus removal, PC speed-up, and remote assistance through the neslape.cz service
Requesting a preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Taller
- Visitor
- Posts: 24
- Registered: 04 Jun 2012 11:08
- Location: Brandýs nad Labem Stará Boleslav
Requesting a preventive check
Hello, I would like to ask for a preventive check.
Logfile of random's system information tool 1.09 (written by random/random)
Run by MEK at 2012-06-15 13:04:37
Microsoft Windows 7 Home Premium
System drive C: has 3 GB (6%) free of 52 GB
Total RAM: 6139 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:40, on 15.6.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
H:\ZÁLOHA\Saved Games\LWEMon.exe
C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
H:\CALL OF DUTY 2\steam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\MEK.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {3d8ff719-f23c-4130-bde1-61ed2cc017b0} - (no file)
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Start WingMan Profiler] "H:\ZÁLOHA\Saved Games\lwemon.exe" /noui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11470 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2288
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\M-AudioTaskBarIcon.exe"
"H:\ZÁLOHA\Saved Games\LWEMon.exe" /noui
"C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"H:\CALL OF DUTY 2\steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
taskeng.exe {37A7B96B-E7D1-4B65-9094-309F28CE33EF}
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3752 CREDAT:203009
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\MEK\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for MEK.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-18 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-01 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-01 59168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-08 9642528]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-12-07 798728]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=H:\ZÁLOHA\Saved Games\lwemon.exe [2003-08-07 77824]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup []
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler []
"DriverScanner"=C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe delay 20000 []
"CreativeTaskScheduler"=C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
H:\CALL OF DUTY 2\steam.exe [2011-08-04 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-06-15 13:04:37 ----DC---- C:\rsit
2012-06-15 13:04:37 ----D---- C:\Program Files\trend micro
2012-06-12 13:39:06 ----D---- C:\ProgramData\THQ
2012-06-05 20:36:38 ----A---- C:\Windows\system32\FntCache.dll
2012-06-05 06:28:29 ----D---- C:\Windows\SYSWOW64\Wat
2012-06-05 06:28:29 ----D---- C:\Windows\system32\Wat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\admparse.dll
2012-06-05 06:00:40 ----D---- C:\Windows\system32\SPReview
2012-06-05 06:00:12 ----D---- C:\Windows\system32\EventProviders
2012-06-05 05:50:17 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wintrust.dll
2012-06-05 05:10:49 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-06-05 05:10:49 ----A---- C:\Windows\system32\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d2d1.dll
2012-06-05 05:10:27 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-06-05 05:10:27 ----A---- C:\Windows\system32\quartz.dll
2012-06-05 05:10:26 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-05 05:10:26 ----A---- C:\Windows\system32\qdvd.dll
2012-06-05 05:10:23 ----A---- C:\Windows\system32\shell32.dll
2012-06-05 05:10:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-06-05 05:10:21 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-06-05 05:10:21 ----A---- C:\Windows\system32\ntshrui.dll
2012-06-05 05:10:20 ----A---- C:\Windows\system32\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspisrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsass.exe
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsasrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\cng.sys
2012-06-05 05:10:18 ----A---- C:\Windows\system32\csrsrv.dll
2012-06-05 05:10:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-05 05:10:14 ----A---- C:\Windows\system32\win32k.sys
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-05 05:09:45 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-06-05 05:09:45 ----A---- C:\Windows\system32\prevhost.exe
2012-06-05 05:09:41 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-06-05 05:09:40 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\storport.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-06-05 05:09:37 ----A---- C:\Windows\system32\drivers\afd.sys
2012-06-05 05:09:36 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-06-05 05:09:27 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-06-05 05:09:27 ----A---- C:\Windows\system32\msvcrt.dll
2012-06-05 05:09:26 ----A---- C:\Windows\system32\EncDec.dll
2012-06-05 05:09:25 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-06-05 05:09:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-06-05 05:09:21 ----A---- C:\Windows\system32\tzres.dll
2012-06-05 05:06:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-06-05 05:06:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-06-05 05:06:22 ----A---- C:\Windows\system32\ntdll.dll
2012-06-05 05:06:19 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-06-05 05:06:19 ----A---- C:\Windows\system32\packager.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-04 20:47:58 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-01 13:26:34 ----D---- C:\ProgramData\Ask
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\java.exe
2012-05-31 18:17:41 ----A---- C:\Windows\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2012-05-24 06:31:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-24 05:55:13 ----D---- C:\Windows\SYSWOW64\Adobe
======List of files/folders modified in the last 1 month======
2012-06-15 13:04:40 ----D---- C:\Windows\Prefetch
2012-06-15 13:04:38 ----D---- C:\Windows\Temp
2012-06-15 13:04:37 ----RD---- C:\Program Files
2012-06-15 12:13:43 ----D---- C:\ProgramData\NVIDIA
2012-06-14 20:24:33 ----SHD---- C:\System Volume Information
2012-06-12 20:31:04 ----D---- C:\Windows\system32\config
2012-06-12 13:39:06 ----HD---- C:\ProgramData
2012-06-12 12:50:21 ----D---- C:\Windows
2012-06-11 08:37:43 ----D---- C:\Windows\System32
2012-06-11 08:37:43 ----D---- C:\Windows\inf
2012-06-11 08:37:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-08 08:14:15 ----SHD---- C:\Windows\Installer
2012-06-08 08:13:21 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-06-08 08:13:17 ----RSD---- C:\Windows\assembly
2012-06-08 08:12:46 ----RSD---- C:\Windows\Fonts
2012-06-08 08:10:06 ----D---- C:\Windows\winsxs
2012-06-08 07:35:22 ----D---- C:\ProgramData\CanonIJPLM
2012-06-07 14:45:25 ----D---- C:\Windows\system32\catroot2
2012-06-06 11:13:25 ----D---- C:\Windows\Microsoft.NET
2012-06-05 20:36:32 ----D---- C:\Windows\system32\catroot
2012-06-05 17:36:08 ----D---- C:\Windows\rescache
2012-06-05 14:06:14 ----D---- C:\ProgramData\Ubisoft
2012-06-05 13:51:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-05 06:28:32 ----D---- C:\Windows\SysWOW64
2012-06-05 06:28:32 ----D---- C:\Windows\ehome
2012-06-05 06:28:32 ----D---- C:\Program Files\Common Files\System
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\migration
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\system32\drivers
2012-06-05 06:28:31 ----D---- C:\Windows\system32\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\AppPatch
2012-06-05 06:28:31 ----D---- C:\Program Files\Internet Explorer
2012-06-05 06:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-05 06:28:30 ----D---- C:\Windows\system32\migration
2012-06-05 06:28:30 ----D---- C:\Windows\system32\en-US
2012-06-05 06:28:30 ----D---- C:\Windows\PolicyDefinitions
2012-06-05 06:28:28 ----D---- C:\Program Files\Windows Journal
2012-06-05 06:28:26 ----D---- C:\Windows\system32\DriverStore
2012-06-05 06:16:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-06-05 06:09:32 ----D---- C:\Windows\Logs
2012-06-03 05:34:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-06-02 17:13:03 ----D---- C:\Windows\system32\NDF
2012-06-01 17:37:29 ----RD---- C:\Program Files (x86)
2012-06-01 17:36:48 ----D---- C:\Windows\system32\Tasks
2012-06-01 14:18:48 ----D---- C:\Program Files\Bonjour
2012-06-01 14:18:48 ----D---- C:\Program Files (x86)\Bonjour
2012-06-01 13:26:50 ----D---- C:\Program Files (x86)\Common Files
2012-06-01 13:25:13 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-06-01 13:13:59 ----D---- C:\Windows\pss
2012-05-31 17:02:16 ----D---- C:\ProgramData\CanonIJ
2012-05-31 16:53:08 ----D---- C:\Windows\system32\FxsTmp
2012-05-24 06:31:31 ----D---- C:\Windows\Tasks
2012-05-24 05:55:14 ----D---- C:\Windows\Downloaded Program Files
2012-05-22 16:52:42 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-05-20 17:12:09 ----D---- C:\Program Files\Google
2012-05-20 17:12:09 ----D---- C:\Program Files (x86)\Google
2012-05-20 14:51:57 ----D---- C:\ProgramData\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-11 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-01-11 314016]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-01-11 43680]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-08 2223392]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-01-24 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys []
S3 ate3n3ht;ate3n3ht; C:\Windows\system32\drivers\ate3n3ht.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-09-23 30528]
S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2011-06-21 768128]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2010-12-07 187912]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUSB;Alpha; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
S3 XENfiltv;XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-05-20 286720]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-02-14 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-05-31 529232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-10-04 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-04 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-05 1255736]
S4 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by MEK at 2012-06-15 13:04:37
Microsoft Windows 7 Home Premium
System drive C: has 3 GB (6%) free of 52 GB
Total RAM: 6139 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:40, on 15.6.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
H:\ZÁLOHA\Saved Games\LWEMon.exe
C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
H:\CALL OF DUTY 2\steam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\MEK.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {3d8ff719-f23c-4130-bde1-61ed2cc017b0} - (no file)
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Start WingMan Profiler] "H:\ZÁLOHA\Saved Games\lwemon.exe" /noui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11470 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2288
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\M-AudioTaskBarIcon.exe"
"H:\ZÁLOHA\Saved Games\LWEMon.exe" /noui
"C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"H:\CALL OF DUTY 2\steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
taskeng.exe {37A7B96B-E7D1-4B65-9094-309F28CE33EF}
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3752 CREDAT:203009
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\MEK\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for MEK.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-18 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-01 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-01 59168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-08 9642528]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-12-07 798728]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=H:\ZÁLOHA\Saved Games\lwemon.exe [2003-08-07 77824]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup []
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler []
"DriverScanner"=C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe delay 20000 []
"CreativeTaskScheduler"=C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
H:\CALL OF DUTY 2\steam.exe [2011-08-04 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-06-15 13:04:37 ----DC---- C:\rsit
2012-06-15 13:04:37 ----D---- C:\Program Files\trend micro
2012-06-12 13:39:06 ----D---- C:\ProgramData\THQ
2012-06-05 20:36:38 ----A---- C:\Windows\system32\FntCache.dll
2012-06-05 06:28:29 ----D---- C:\Windows\SYSWOW64\Wat
2012-06-05 06:28:29 ----D---- C:\Windows\system32\Wat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\admparse.dll
2012-06-05 06:00:40 ----D---- C:\Windows\system32\SPReview
2012-06-05 06:00:12 ----D---- C:\Windows\system32\EventProviders
2012-06-05 05:50:17 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wintrust.dll
2012-06-05 05:10:49 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-06-05 05:10:49 ----A---- C:\Windows\system32\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d2d1.dll
2012-06-05 05:10:27 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-06-05 05:10:27 ----A---- C:\Windows\system32\quartz.dll
2012-06-05 05:10:26 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-05 05:10:26 ----A---- C:\Windows\system32\qdvd.dll
2012-06-05 05:10:23 ----A---- C:\Windows\system32\shell32.dll
2012-06-05 05:10:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-06-05 05:10:21 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-06-05 05:10:21 ----A---- C:\Windows\system32\ntshrui.dll
2012-06-05 05:10:20 ----A---- C:\Windows\system32\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspisrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsass.exe
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsasrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\cng.sys
2012-06-05 05:10:18 ----A---- C:\Windows\system32\csrsrv.dll
2012-06-05 05:10:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-05 05:10:14 ----A---- C:\Windows\system32\win32k.sys
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-05 05:09:45 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-06-05 05:09:45 ----A---- C:\Windows\system32\prevhost.exe
2012-06-05 05:09:41 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-06-05 05:09:40 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\storport.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-06-05 05:09:37 ----A---- C:\Windows\system32\drivers\afd.sys
2012-06-05 05:09:36 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-06-05 05:09:27 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-06-05 05:09:27 ----A---- C:\Windows\system32\msvcrt.dll
2012-06-05 05:09:26 ----A---- C:\Windows\system32\EncDec.dll
2012-06-05 05:09:25 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-06-05 05:09:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-06-05 05:09:21 ----A---- C:\Windows\system32\tzres.dll
2012-06-05 05:06:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-06-05 05:06:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-06-05 05:06:22 ----A---- C:\Windows\system32\ntdll.dll
2012-06-05 05:06:19 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-06-05 05:06:19 ----A---- C:\Windows\system32\packager.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-04 20:47:58 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-01 13:26:34 ----D---- C:\ProgramData\Ask
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\java.exe
2012-05-31 18:17:41 ----A---- C:\Windows\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2012-05-24 06:31:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-24 05:55:13 ----D---- C:\Windows\SYSWOW64\Adobe
======List of files/folders modified in the last 1 month======
2012-06-15 13:04:40 ----D---- C:\Windows\Prefetch
2012-06-15 13:04:38 ----D---- C:\Windows\Temp
2012-06-15 13:04:37 ----RD---- C:\Program Files
2012-06-15 12:13:43 ----D---- C:\ProgramData\NVIDIA
2012-06-14 20:24:33 ----SHD---- C:\System Volume Information
2012-06-12 20:31:04 ----D---- C:\Windows\system32\config
2012-06-12 13:39:06 ----HD---- C:\ProgramData
2012-06-12 12:50:21 ----D---- C:\Windows
2012-06-11 08:37:43 ----D---- C:\Windows\System32
2012-06-11 08:37:43 ----D---- C:\Windows\inf
2012-06-11 08:37:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-08 08:14:15 ----SHD---- C:\Windows\Installer
2012-06-08 08:13:21 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-06-08 08:13:17 ----RSD---- C:\Windows\assembly
2012-06-08 08:12:46 ----RSD---- C:\Windows\Fonts
2012-06-08 08:10:06 ----D---- C:\Windows\winsxs
2012-06-08 07:35:22 ----D---- C:\ProgramData\CanonIJPLM
2012-06-07 14:45:25 ----D---- C:\Windows\system32\catroot2
2012-06-06 11:13:25 ----D---- C:\Windows\Microsoft.NET
2012-06-05 20:36:32 ----D---- C:\Windows\system32\catroot
2012-06-05 17:36:08 ----D---- C:\Windows\rescache
2012-06-05 14:06:14 ----D---- C:\ProgramData\Ubisoft
2012-06-05 13:51:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-05 06:28:32 ----D---- C:\Windows\SysWOW64
2012-06-05 06:28:32 ----D---- C:\Windows\ehome
2012-06-05 06:28:32 ----D---- C:\Program Files\Common Files\System
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\migration
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\system32\drivers
2012-06-05 06:28:31 ----D---- C:\Windows\system32\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\AppPatch
2012-06-05 06:28:31 ----D---- C:\Program Files\Internet Explorer
2012-06-05 06:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-05 06:28:30 ----D---- C:\Windows\system32\migration
2012-06-05 06:28:30 ----D---- C:\Windows\system32\en-US
2012-06-05 06:28:30 ----D---- C:\Windows\PolicyDefinitions
2012-06-05 06:28:28 ----D---- C:\Program Files\Windows Journal
2012-06-05 06:28:26 ----D---- C:\Windows\system32\DriverStore
2012-06-05 06:16:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-06-05 06:09:32 ----D---- C:\Windows\Logs
2012-06-03 05:34:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-06-02 17:13:03 ----D---- C:\Windows\system32\NDF
2012-06-01 17:37:29 ----RD---- C:\Program Files (x86)
2012-06-01 17:36:48 ----D---- C:\Windows\system32\Tasks
2012-06-01 14:18:48 ----D---- C:\Program Files\Bonjour
2012-06-01 14:18:48 ----D---- C:\Program Files (x86)\Bonjour
2012-06-01 13:26:50 ----D---- C:\Program Files (x86)\Common Files
2012-06-01 13:25:13 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-06-01 13:13:59 ----D---- C:\Windows\pss
2012-05-31 17:02:16 ----D---- C:\ProgramData\CanonIJ
2012-05-31 16:53:08 ----D---- C:\Windows\system32\FxsTmp
2012-05-24 06:31:31 ----D---- C:\Windows\Tasks
2012-05-24 05:55:14 ----D---- C:\Windows\Downloaded Program Files
2012-05-22 16:52:42 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-05-20 17:12:09 ----D---- C:\Program Files\Google
2012-05-20 17:12:09 ----D---- C:\Program Files (x86)\Google
2012-05-20 14:51:57 ----D---- C:\ProgramData\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-11 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-01-11 314016]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-01-11 43680]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-08 2223392]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-01-24 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys []
S3 ate3n3ht;ate3n3ht; C:\Windows\system32\drivers\ate3n3ht.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-09-23 30528]
S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2011-06-21 768128]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2010-12-07 187912]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUSB;Alpha; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
S3 XENfiltv;XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-05-20 286720]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-02-14 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-05-31 529232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-10-04 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-04 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-05 1255736]
S4 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: Request for a preventive check
Hello and good evening
Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop


- If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or "Spustit jako spravce"
- If you are using a 64-bit OS, check whether the "Pro 64 bitové OS" (For 64-bit OS) box is ticked; if not, tick it
- Tick the "Pro vsechny uzivatele" (For all users) box
- Tick the Kontrola na havet "LOP" (check for "LOP" malware) box
- Tick the Kontrola na havet "Purity" (check for "Purity" malware) box
- Change the file age from 30 days to 7 days
- Paste the script below into the bottom "Vlastni skenovani/opravy" (Custom scans/fixes) box
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
- Click the "Prohledat" (Scan) button
- When the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here
- Taller
- Visitor
- Posts: 24
- Registered: 04 Jun 2012 11:08
- Location: Brandýs nad Labem Stará Boleslav
Re: Request for a preventive check
Hello vyosek
OTL logfile created on: 17.6.2012 6:08:39 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\MEK\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
6,00 Gb Total Physical Memory | 4,72 Gb Available Physical Memory | 78,78% Memory free
11,99 Gb Paging File | 10,62 Gb Available in Paging File | 88,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,65 Gb Total Space | 2,29 Gb Free Space | 4,52% Space Free | Partition Type: NTFS
Drive D: | 43,78 Gb Total Space | 34,76 Gb Free Space | 79,40% Space Free | Partition Type: NTFS
Drive E: | 44,85 Gb Total Space | 42,96 Gb Free Space | 95,78% Space Free | Partition Type: NTFS
Drive F: | 9,76 Gb Total Space | 8,87 Gb Free Space | 90,84% Space Free | Partition Type: NTFS
Drive G: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 596,17 Gb Total Space | 419,96 Gb Free Space | 70,44% Space Free | Partition Type: NTFS
Computer Name: MEK-PC | User Name: MEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.06.16 07:49:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\MEK\Desktop\OTL.exe
PRC - [2012.02.14 19:59:00 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.05.20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.10.21 06:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.08.04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2006.11.17 17:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
PRC - [2003.08.07 12:39:22 | 000,077,824 | ---- | M] (Logitech Inc.) -- H:\ZÁLOHA\Saved Games\LWEMon.exe
========== Modules (No Company Name) ==========
MOD - [2009.07.30 18:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.05.31 17:51:09 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.24 06:31:31 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.02.14 19:59:00 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.04 11:52:02 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.10.04 11:51:42 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.05.20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.08 01:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.06.21 20:06:30 | 000,768,128 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6PODLV64.sys -- (L6PODLV)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.24 12:34:07 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011.01.11 09:33:31 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.01.11 09:33:30 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.12.07 16:08:20 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2010.11.11 18:38:41 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.09.07 16:52:29 | 000,051,280 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2010.09.07 16:52:09 | 000,121,936 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2010.09.07 16:47:49 | 000,028,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.09.07 16:47:10 | 000,020,048 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009.10.26 17:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.10.26 17:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.31 11:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.20 04:27:34 | 000,027,136 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009.07.14 02:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009.07.14 02:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009.07.13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.06 05:14:06 | 000,050,688 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2009.04.06 05:14:06 | 000,050,688 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:64bit: - [2009.03.27 01:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV - [2011.09.23 07:53:26 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1269415
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {3d8ff719-f23c-4130-bde1-61ed2cc017b0} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {ad708c09-d51b-45b3-9d28-4eba2681febf} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes,DefaultScope = {1DEEE8FB-E35D-4604-824C-343A7750D71E}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{1DEEE8FB-E35D-4604-824C-343A7750D71E}: "URL" = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{584EB9F3-402E-4A6E-BCE5-54C420D65A79}: "URL" = http://websearch.ask.com/redirect?clien ... 2E8042F01A
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{ABF02DD4-EF66-43ee-A3E8-9ED4F999FBBE}: "URL" = http://www.google.com/custom?client=pub ... earchTerms}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1269415
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.02.10 20:21:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MEK\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [CreativeTaskScheduler] C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000 File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [Start WingMan Profiler] H:\ZÁLOHA\Saved Games\lwemon.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..Trusted Domains: line6.net ([]* in Trusted sites)
O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (Reg Error: Key error.)
O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{550B8D92-F211-40F5-92E8-9EFA63384B50}: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1B9B2CA-82A3-414F-AB07-5EA152849D5E}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.09.01 15:10:32 | 000,000,126 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.08.20 11:15:02 | 000,000,020 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ba3c9fca-ddbe-11df-80ac-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ba3c9fca-ddbe-11df-80ac-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe -auto
O33 - MountPoints2\{e7ac3443-29f0-11e0-bfd4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e7ac3443-29f0-11e0-bfd4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe -- [2009.08.22 00:37:17 | 000,609,064 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.06.16 07:49:26 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\MEK\Desktop\OTL.exe
[2012.06.15 19:56:25 | 000,000,000 | ---D | C] -- C:\Users\MEK\Desktop\Metalfest 2012
[2012.06.15 13:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.06.15 13:04:37 | 000,000,000 | ---D | C] -- C:\rsit
[2012.06.12 13:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\THQ
[2012.06.11 08:29:55 | 000,000,000 | -H-D | C] -- C:\Users\MEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2012.06.10 14:35:22 | 000,000,000 | ---D | C] -- C:\Users\MEK\Desktop\104_PANA
[2011.01.24 12:34:07 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\MEK\AppData\Roaming\pcouffin.sys
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.06.17 06:10:06 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.06.17 06:01:40 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 06:01:40 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 06:00:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.17 05:59:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.17 05:54:28 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.06.17 05:54:25 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.17 05:53:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.17 05:53:50 | 533,323,775 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 07:49:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\MEK\Desktop\OTL.exe
[2012.06.12 17:36:40 | 000,000,494 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for MEK.job
[2012.06.11 08:37:43 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.11 08:37:43 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.06.11 08:37:43 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.11 08:37:43 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.06.11 08:37:43 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.11 08:37:37 | 000,038,874 | -H-- | M] () -- C:\Users\MEK\Desktop\316409KD.bat
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.16 07:55:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.06.11 08:37:37 | 000,038,874 | -H-- | C] () -- C:\Users\MEK\Desktop\316409KD.bat
[2012.02.17 18:18:50 | 000,003,584 | ---- | C] () -- C:\Users\MEK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.10.04 11:52:06 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.10.04 11:52:06 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2011.09.28 15:19:15 | 000,000,341 | ---- | C] () -- C:\Windows\GearBox.ini
[2011.09.23 06:36:32 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.09.03 08:46:43 | 000,000,017 | ---- | C] () -- C:\Users\MEK\AppData\Local\resmon.resmoncfg
[2011.04.14 09:23:10 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.31 11:02:50 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.03.31 11:02:50 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.03.31 10:45:23 | 000,837,192 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.03.31 10:16:46 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2011.01.26 18:25:44 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.24 12:35:13 | 000,001,041 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\vso_ts_preview.xml
[2011.01.24 12:34:07 | 000,099,384 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\inst.exe
[2011.01.24 12:34:07 | 000,007,859 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\pcouffin.cat
[2011.01.24 12:34:07 | 000,001,167 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\pcouffin.inf
[2010.10.22 14:55:59 | 000,186,880 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.10.22 14:55:59 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.10.22 14:52:58 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
========== LOP Check ==========
[2012.02.21 22:06:42 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Braid
[2011.09.24 06:29:38 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer
[2011.03.06 16:11:48 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer Pro
[2011.09.17 15:33:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canneverbe Limited
[2010.12.01 20:05:12 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canon
[2010.11.11 18:50:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\DAEMON Tools Lite
[2011.01.05 15:29:31 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Desktopicon
[2011.08.24 05:43:56 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\eM Client
[2010.11.01 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\FairStars MP3 Recorder
[2010.10.31 07:05:32 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GetRightToGo
[2011.01.23 13:18:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GlarySoft
[2012.05.15 05:29:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\InfraRecorder
[2011.09.28 15:19:15 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Line 6
[2011.08.03 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Lionhead Studios
[2010.10.31 09:11:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\OpenOffice.org
[2011.10.22 07:50:43 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Origin
[2011.08.10 18:16:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\PunkBuster
[2011.09.14 18:54:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Summer Athletics 2008
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Thunderbird
[2011.08.25 19:18:30 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Ubisoft
[2010.10.31 06:10:21 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Uniblue
[2012.05.15 05:50:23 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Vso
[2011.11.20 11:50:25 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Zoner
[2012.06.17 05:54:28 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.05.08 13:11:57 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.06.25 21:16:54 | 000,680,440 | ---- | M] (Microsoft Corporation) -- C:\DPInst.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.09.04 08:06:22 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Adobe
[2011.09.23 07:11:28 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\AdobeUM
[2012.02.10 20:22:05 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Apple Computer
[2012.02.21 22:06:42 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Braid
[2011.09.24 06:29:38 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer
[2011.03.06 16:11:48 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer Pro
[2011.09.17 15:33:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canneverbe Limited
[2010.12.01 20:05:12 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canon
[2011.10.04 11:58:29 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Creative
[2010.11.11 18:50:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\DAEMON Tools Lite
[2011.01.05 15:29:31 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Desktopicon
[2010.10.29 19:41:42 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\DivX
[2011.08.24 05:43:56 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\eM Client
[2010.11.01 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\FairStars MP3 Recorder
[2010.10.31 07:05:32 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GetRightToGo
[2011.01.23 13:18:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GlarySoft
[2010.10.22 11:41:03 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Identities
[2012.05.15 05:29:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\InfraRecorder
[2011.08.31 16:57:32 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\InstallShield
[2011.09.28 15:19:15 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Line 6
[2011.08.03 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Lionhead Studios
[2010.10.22 11:49:24 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Media Center Programs
[2012.01.15 15:19:33 | 000,000,000 | --SD | M] -- C:\Users\MEK\AppData\Roaming\Microsoft
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Mozilla
[2011.01.31 16:52:44 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\NCH Software
[2011.10.27 23:05:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\NVIDIA
[2010.10.31 09:11:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\OpenOffice.org
[2011.10.22 07:50:43 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Origin
[2011.08.10 18:16:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\PunkBuster
[2010.11.03 16:18:51 | 000,000,000 | RH-D | M] -- C:\Users\MEK\AppData\Roaming\SecuROM
[2011.09.14 18:54:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Summer Athletics 2008
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Thunderbird
[2011.08.25 19:18:30 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Ubisoft
[2010.10.31 06:10:21 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Uniblue
[2012.05.15 05:50:23 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Vso
[2010.10.23 09:43:52 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\WinRAR
[2011.11.20 11:50:25 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.01.24 12:34:07 | 000,099,384 | ---- | M] () -- C:\Users\MEK\AppData\Roaming\inst.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\MEK\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.06.17 05:59:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.17 05:54:28 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.06.17 05:54:25 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.06.17 06:00:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.06.12 17:36:40 | 000,000,494 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for MEK.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.06.25 21:16:54 | 000,680,440 | ---- | M] (Microsoft Corporation) -- C:\DPInst.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Start WingMan Profiler" = "H:\ZÁLOHA\Saved Games\lwemon.exe" /noui -- [2003.08.07 12:39:22 | 000,077,824 | ---- | M] (Logitech Inc.)
"ISUSPM Startup" = C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
"ISUSPM" = "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"DriverScanner" = "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000
"CreativeTaskScheduler" = "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon -- [2006.11.17 17:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.06.05 06:08:31 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.06.17 06:10:06 | 000,000,512 | ---- | M] () MD5=C33B060E334DC35D8835BA47F5173B58 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2002.09.25 21:05:38 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2008.07.30 10:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008.07.29 03:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 18:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.04.19 08:47:30 | 000,006,081 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.04.13 12:00:14 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.04.19 08:50:38 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.04.13 12:00:00 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.04.19 04:08:12 | 000,003,867 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2009.12.12 15:11:16 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.11.11 18:39:11 | 000,057,728 | ---- | M] () -- \Users\MEK\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010.11.11 18:39:11 | 000,057,728 | ---- | M] () -- \Users\MEK\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010.11.11 18:39:11 | 000,057,728 | ---- | M] () -- \Users\MEK\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.06.10 17:42:30 | 000,002,364 | ---- | M] () -- \Users\MEK\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\S5SHO8K1\loader[1].gif
[2012.06.16 08:18:19 | 823,690,003 | ---- | M] () -- \Users\MEK\STAŽENÉ SOUBORY\Ctrl.Emotion.2009.DVDRip.CZ.by.Colly.of.PowerUploaders.wmv
[2012.06.07 16:06:03 | 745,982,606 | ---- | M] () -- \Users\MEK\STAŽENÉ SOUBORY\Pecet.vraha.2003.DVDRip.CZ.by.Colly.of.PowerUploaders.avi
[2007.06.19 09:59:36 | 000,070,400 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-4013968606-3250866645-994530466-1001\36FC1F560E13B054693FA488EB37166A\7.7.9\PhysXLoader.dll.EFBABE66_E43C_474F_A6F1_F0312317E9E1
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[4 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[4 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.15 22:46:11 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.10.15 22:46:11 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2011.10.15 22:46:11 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2011.10.15 22:46:11 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2011.10.15 22:46:11 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
< End of report >

OTL logfile created on: 17.6.2012 6:08:39 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\MEK\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
6,00 Gb Total Physical Memory | 4,72 Gb Available Physical Memory | 78,78% Memory free
11,99 Gb Paging File | 10,62 Gb Available in Paging File | 88,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,65 Gb Total Space | 2,29 Gb Free Space | 4,52% Space Free | Partition Type: NTFS
Drive D: | 43,78 Gb Total Space | 34,76 Gb Free Space | 79,40% Space Free | Partition Type: NTFS
Drive E: | 44,85 Gb Total Space | 42,96 Gb Free Space | 95,78% Space Free | Partition Type: NTFS
Drive F: | 9,76 Gb Total Space | 8,87 Gb Free Space | 90,84% Space Free | Partition Type: NTFS
Drive G: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 596,17 Gb Total Space | 419,96 Gb Free Space | 70,44% Space Free | Partition Type: NTFS
Computer Name: MEK-PC | User Name: MEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.06.16 07:49:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\MEK\Desktop\OTL.exe
PRC - [2012.02.14 19:59:00 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.05.20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.10.21 06:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.08.04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2006.11.17 17:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
PRC - [2003.08.07 12:39:22 | 000,077,824 | ---- | M] (Logitech Inc.) -- H:\ZÁLOHA\Saved Games\LWEMon.exe
========== Modules (No Company Name) ==========
MOD - [2009.07.30 18:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.05.31 17:51:09 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.24 06:31:31 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.02.14 19:59:00 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.04 11:52:02 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.10.04 11:51:42 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.05.20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.08 01:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.06.21 20:06:30 | 000,768,128 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6PODLV64.sys -- (L6PODLV)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.24 12:34:07 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011.01.11 09:33:31 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.01.11 09:33:30 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.12.07 16:08:20 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2010.11.11 18:38:41 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.09.07 16:52:29 | 000,051,280 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2010.09.07 16:52:09 | 000,121,936 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2010.09.07 16:47:49 | 000,028,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.09.07 16:47:10 | 000,020,048 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009.10.26 17:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.10.26 17:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.31 11:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.20 04:27:34 | 000,027,136 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009.07.14 02:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009.07.14 02:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009.07.13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.06 05:14:06 | 000,050,688 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2009.04.06 05:14:06 | 000,050,688 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:64bit: - [2009.03.27 01:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV - [2011.09.23 07:53:26 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1269415
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {3d8ff719-f23c-4130-bde1-61ed2cc017b0} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {ad708c09-d51b-45b3-9d28-4eba2681febf} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes,DefaultScope = {1DEEE8FB-E35D-4604-824C-343A7750D71E}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{1DEEE8FB-E35D-4604-824C-343A7750D71E}: "URL" = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{584EB9F3-402E-4A6E-BCE5-54C420D65A79}: "URL" = http://websearch.ask.com/redirect?clien ... 2E8042F01A
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{ABF02DD4-EF66-43ee-A3E8-9ED4F999FBBE}: "URL" = http://www.google.com/custom?client=pub ... earchTerms}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1269415
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.02.10 20:21:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MEK\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [CreativeTaskScheduler] C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000 File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001..\Run: [Start WingMan Profiler] H:\ZÁLOHA\Saved Games\lwemon.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4013968606-3250866645-994530466-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..Trusted Domains: line6.net ([]* in Trusted sites)
O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (Reg Error: Key error.)
O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{550B8D92-F211-40F5-92E8-9EFA63384B50}: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1B9B2CA-82A3-414F-AB07-5EA152849D5E}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.09.01 15:10:32 | 000,000,126 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.08.20 11:15:02 | 000,000,020 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ba3c9fca-ddbe-11df-80ac-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ba3c9fca-ddbe-11df-80ac-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe -auto
O33 - MountPoints2\{e7ac3443-29f0-11e0-bfd4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e7ac3443-29f0-11e0-bfd4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe -- [2009.08.22 00:37:17 | 000,609,064 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.06.16 07:49:26 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\MEK\Desktop\OTL.exe
[2012.06.15 19:56:25 | 000,000,000 | ---D | C] -- C:\Users\MEK\Desktop\Metalfest 2012
[2012.06.15 13:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.06.15 13:04:37 | 000,000,000 | ---D | C] -- C:\rsit
[2012.06.12 13:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\THQ
[2012.06.11 08:29:55 | 000,000,000 | -H-D | C] -- C:\Users\MEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2012.06.10 14:35:22 | 000,000,000 | ---D | C] -- C:\Users\MEK\Desktop\104_PANA
[2011.01.24 12:34:07 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\MEK\AppData\Roaming\pcouffin.sys
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.06.17 06:10:06 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.06.17 06:01:40 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 06:01:40 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 06:00:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.17 05:59:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.17 05:54:28 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.06.17 05:54:25 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.17 05:53:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.17 05:53:50 | 533,323,775 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 07:49:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\MEK\Desktop\OTL.exe
[2012.06.12 17:36:40 | 000,000,494 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for MEK.job
[2012.06.11 08:37:43 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.11 08:37:43 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.06.11 08:37:43 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.11 08:37:43 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.06.11 08:37:43 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.11 08:37:37 | 000,038,874 | -H-- | M] () -- C:\Users\MEK\Desktop\316409KD.bat
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.16 07:55:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.06.11 08:37:37 | 000,038,874 | -H-- | C] () -- C:\Users\MEK\Desktop\316409KD.bat
[2012.02.17 18:18:50 | 000,003,584 | ---- | C] () -- C:\Users\MEK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.10.04 11:52:06 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.10.04 11:52:06 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2011.09.28 15:19:15 | 000,000,341 | ---- | C] () -- C:\Windows\GearBox.ini
[2011.09.23 06:36:32 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.09.03 08:46:43 | 000,000,017 | ---- | C] () -- C:\Users\MEK\AppData\Local\resmon.resmoncfg
[2011.04.14 09:23:10 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.31 11:02:50 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.03.31 11:02:50 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.03.31 10:45:23 | 000,837,192 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.03.31 10:16:46 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2011.01.26 18:25:44 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.24 12:35:13 | 000,001,041 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\vso_ts_preview.xml
[2011.01.24 12:34:07 | 000,099,384 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\inst.exe
[2011.01.24 12:34:07 | 000,007,859 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\pcouffin.cat
[2011.01.24 12:34:07 | 000,001,167 | ---- | C] () -- C:\Users\MEK\AppData\Roaming\pcouffin.inf
[2010.10.22 14:55:59 | 000,186,880 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.10.22 14:55:59 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.10.22 14:52:58 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
========== LOP Check ==========
[2012.02.21 22:06:42 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Braid
[2011.09.24 06:29:38 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer
[2011.03.06 16:11:48 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer Pro
[2011.09.17 15:33:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canneverbe Limited
[2010.12.01 20:05:12 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canon
[2010.11.11 18:50:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\DAEMON Tools Lite
[2011.01.05 15:29:31 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Desktopicon
[2011.08.24 05:43:56 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\eM Client
[2010.11.01 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\FairStars MP3 Recorder
[2010.10.31 07:05:32 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GetRightToGo
[2011.01.23 13:18:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GlarySoft
[2012.05.15 05:29:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\InfraRecorder
[2011.09.28 15:19:15 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Line 6
[2011.08.03 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Lionhead Studios
[2010.10.31 09:11:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\OpenOffice.org
[2011.10.22 07:50:43 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Origin
[2011.08.10 18:16:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\PunkBuster
[2011.09.14 18:54:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Summer Athletics 2008
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Thunderbird
[2011.08.25 19:18:30 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Ubisoft
[2010.10.31 06:10:21 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Uniblue
[2012.05.15 05:50:23 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Vso
[2011.11.20 11:50:25 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Zoner
[2012.06.17 05:54:28 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.05.08 13:11:57 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.06.25 21:16:54 | 000,680,440 | ---- | M] (Microsoft Corporation) -- C:\DPInst.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.09.04 08:06:22 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Adobe
[2011.09.23 07:11:28 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\AdobeUM
[2012.02.10 20:22:05 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Apple Computer
[2012.02.21 22:06:42 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Braid
[2011.09.24 06:29:38 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer
[2011.03.06 16:11:48 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\BSplayer Pro
[2011.09.17 15:33:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canneverbe Limited
[2010.12.01 20:05:12 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Canon
[2011.10.04 11:58:29 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Creative
[2010.11.11 18:50:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\DAEMON Tools Lite
[2011.01.05 15:29:31 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Desktopicon
[2010.10.29 19:41:42 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\DivX
[2011.08.24 05:43:56 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\eM Client
[2010.11.01 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\FairStars MP3 Recorder
[2010.10.31 07:05:32 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GetRightToGo
[2011.01.23 13:18:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\GlarySoft
[2010.10.22 11:41:03 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Identities
[2012.05.15 05:29:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\InfraRecorder
[2011.08.31 16:57:32 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\InstallShield
[2011.09.28 15:19:15 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Line 6
[2011.08.03 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Lionhead Studios
[2010.10.22 11:49:24 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Media Center Programs
[2012.01.15 15:19:33 | 000,000,000 | --SD | M] -- C:\Users\MEK\AppData\Roaming\Microsoft
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Mozilla
[2011.01.31 16:52:44 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\NCH Software
[2011.10.27 23:05:06 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\NVIDIA
[2010.10.31 09:11:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\OpenOffice.org
[2011.10.22 07:50:43 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Origin
[2011.08.10 18:16:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\PunkBuster
[2010.11.03 16:18:51 | 000,000,000 | RH-D | M] -- C:\Users\MEK\AppData\Roaming\SecuROM
[2011.09.14 18:54:57 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Summer Athletics 2008
[2011.09.22 06:13:54 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Thunderbird
[2011.08.25 19:18:30 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Ubisoft
[2010.10.31 06:10:21 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Uniblue
[2012.05.15 05:50:23 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Vso
[2010.10.23 09:43:52 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\WinRAR
[2011.11.20 11:50:25 | 000,000,000 | ---D | M] -- C:\Users\MEK\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.01.24 12:34:07 | 000,099,384 | ---- | M] () -- C:\Users\MEK\AppData\Roaming\inst.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\MEK\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.06.17 05:59:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.17 05:54:28 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.06.17 05:54:25 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.06.17 06:00:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.06.12 17:36:40 | 000,000,494 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for MEK.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.06.25 21:16:54 | 000,680,440 | ---- | M] (Microsoft Corporation) -- C:\DPInst.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Start WingMan Profiler" = "H:\ZÁLOHA\Saved Games\lwemon.exe" /noui -- [2003.08.07 12:39:22 | 000,077,824 | ---- | M] (Logitech Inc.)
"ISUSPM Startup" = C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
"ISUSPM" = "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"DriverScanner" = "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000
"CreativeTaskScheduler" = "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon -- [2006.11.17 17:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.06.05 06:08:31 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.06.17 06:10:06 | 000,000,512 | ---- | M] () MD5=C33B060E334DC35D8835BA47F5173B58 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2002.09.25 21:05:38 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2008.07.30 10:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008.07.29 03:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 18:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.04.19 08:47:30 | 000,006,081 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.04.13 12:00:14 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.04.19 08:50:38 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.04.13 12:00:00 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.04.19 04:08:12 | 000,003,867 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2009.12.12 15:11:16 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.11.11 18:39:11 | 000,057,728 | ---- | M] () -- \Users\MEK\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010.11.11 18:39:11 | 000,057,728 | ---- | M] () -- \Users\MEK\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010.11.11 18:39:11 | 000,057,728 | ---- | M] () -- \Users\MEK\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.06.10 17:42:30 | 000,002,364 | ---- | M] () -- \Users\MEK\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\S5SHO8K1\loader[1].gif
[2012.06.16 08:18:19 | 823,690,003 | ---- | M] () -- \Users\MEK\STAŽENÉ SOUBORY\Ctrl.Emotion.2009.DVDRip.CZ.by.Colly.of.PowerUploaders.wmv
[2012.06.07 16:06:03 | 745,982,606 | ---- | M] () -- \Users\MEK\STAŽENÉ SOUBORY\Pecet.vraha.2003.DVDRip.CZ.by.Colly.of.PowerUploaders.avi
[2007.06.19 09:59:36 | 000,070,400 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-4013968606-3250866645-994530466-1001\36FC1F560E13B054693FA488EB37166A\7.7.9\PhysXLoader.dll.EFBABE66_E43C_474F_A6F1_F0312317E9E1
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[4 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[4 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.15 22:46:11 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.10.15 22:46:11 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2011.10.15 22:46:11 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2011.10.15 22:46:11 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2011.10.15 22:46:11 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
< End of report >
- Taller
- Visitor
- Posts: 24
- Registered: 04 Jun 2012 11:08
- Location: Brandýs nad Labem Stará Boleslav
Re: Requesting a preventive check
OTL Extras logfile created on: 16.6.2012 7:54:27 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\MEK\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
6,00 Gb Total Physical Memory | 4,59 Gb Available Physical Memory | 76,51% Memory free
11,99 Gb Paging File | 10,52 Gb Available in Paging File | 87,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,65 Gb Total Space | 3,06 Gb Free Space | 6,05% Space Free | Partition Type: NTFS
Drive D: | 43,78 Gb Total Space | 34,76 Gb Free Space | 79,40% Space Free | Partition Type: NTFS
Drive E: | 44,85 Gb Total Space | 42,96 Gb Free Space | 95,78% Space Free | Partition Type: NTFS
Drive F: | 9,76 Gb Total Space | 8,87 Gb Free Space | 90,84% Space Free | Partition Type: NTFS
Drive G: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 596,17 Gb Total Space | 420,86 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Computer Name: MEK-PC | User Name: MEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057840E7-F619-4DB9-88EC-BB7CA77F5578}" = lport=139 | protocol=6 | dir=in | app=system |
"{0B108D40-85AA-4A2F-BC2B-03B2D5C1E3E2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{100498F5-A03E-4E1F-8263-7BF760389146}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{215F9D6A-31C2-4D56-BF2F-154A177DA770}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21D78123-C76F-41D7-9CAD-6C8832F78406}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2CBDFE61-4383-4565-BDE4-4165C2FCA957}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2EAE7DED-545E-4789-98E7-915DE1C51328}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2FB6C7CC-A51F-42E2-8D49-C315922CB5BF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2FD26C1A-8392-48E8-9F3D-48CDE5D7E799}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{53BEF85D-66E3-4E8C-8F4F-45C66D74253C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{555C2299-BC20-4214-97EE-FD9D52B720D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{66CEC151-AFC0-49E7-AC9D-567A57BA77F0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70D9A912-6D51-4764-8A41-100BEF87A302}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8376F126-2A4F-45FC-9548-9266DE67E038}" = lport=445 | protocol=6 | dir=in | app=system |
"{86D8D70D-3909-4C14-9009-6BD5D8165DFD}" = rport=139 | protocol=6 | dir=out | app=system |
"{8AF543EA-306F-46AB-B8F4-17A9BD64AAAA}" = rport=138 | protocol=17 | dir=out | app=system |
"{90F78469-D61D-44F2-B0BA-19E1BEC9EE08}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97849ADD-4924-46CB-8E76-4178C65B5936}" = rport=445 | protocol=6 | dir=out | app=system |
"{98C83A68-FAE1-4650-9BD2-F3429D9B93B5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9B82A068-22F9-4049-91D2-15C7788C8FCA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A90B1AF8-BCCE-482E-A578-15057F016241}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF402F8B-6A30-489A-AE66-9AD9AEED8CF4}" = rport=137 | protocol=17 | dir=out | app=system |
"{F4E66256-3463-461E-99B3-E8EB2AA732F0}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DEFAC9-FC27-4D7F-BE1A-946D1C744B0B}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\game_launcher.exe |
"{02DD576A-0775-4E47-AA93-1503CC31DE6D}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\dino d-day\srcds.exe |
"{04C1C970-B541-4229-9705-1B22644D3401}" = protocol=6 | dir=in | app=h:\medal of honor airorne\unrealengine3\binaries\moha.exe |
"{064FC362-DBBB-433C-A212-ECDF0829932E}" = protocol=17 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"{07FCEC54-D437-4D99-9173-3DECEC443B39}" = protocol=6 | dir=in | app=h:\assassins 2\acbsp.exe |
"{096F1AA1-E732-45B8-AE4F-95F82CB1C3AA}" = protocol=17 | dir=in | app=h:\dragon age\bin_ship\daorigins.exe |
"{0C883801-DBE5-4E8E-A6CC-135A49945B0C}" = protocol=17 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"{10897490-34E0-4B7D-93CA-F623DE54B8D9}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"{116CEDBE-91AD-4CCB-9BBB-254D11719244}" = protocol=17 | dir=in | app=h:\prince of persia\princeofpersia_launcher.exe |
"{12770D81-7B6F-4C91-8A22-B07789DE2806}" = protocol=6 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"{140E0631-0619-48E6-B149-2EFC19AE0C59}" = protocol=6 | dir=in | app=h:\assassins 2\acbmp.exe |
"{16676CBF-2D45-42AD-BCD2-1719B73EA93B}" = protocol=17 | dir=in | app=h:\battlefield 3\battlefield 3\bf3.exe |
"{1735D84B-D680-44CE-85C3-D0FA7277C008}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1937277D-6D48-492E-AE3D-3AF3F4363CA3}" = protocol=17 | dir=in | app=h:\assassins 2\assassinscreedbrotherhood.exe |
"{1AE9FA3B-9E1B-4555-A349-EE4B40C3FBAA}" = protocol=6 | dir=in | app=h:\red faction\raptr\raptr.exe |
"{1DDD528D-264D-4F25-A3C0-3AD46E00A4A7}" = protocol=17 | dir=in | app=h:\burnout paradise\burnoutlauncher.exe |
"{20F144AA-1F62-49DC-A0C5-F153944A89C1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2AB5443A-87E8-4571-B840-49EC7745DAA8}" = protocol=6 | dir=in | app=h:\fable 3\fable3.exe |
"{30D94C29-F400-48F0-B5AA-CADEB03A87A6}" = protocol=6 | dir=in | app=h:\red faction\raptr\raptr_im.exe |
"{31561926-3C8B-4FBC-A894-52EEA5F5ACEB}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{31A0F738-C9C7-45EC-826C-AC57F8699F42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3663E684-77F1-4E83-81B2-583C5F816B50}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\just cause 2\justcause2.exe |
"{38180FFC-FE8B-4A23-B021-4249B0B5F13D}" = protocol=6 | dir=in | app=h:\dragon age\bin_ship\daupdatersvc.service.exe |
"{394DFF49-54DD-4F5A-A55B-7F6C7BE1C7C0}" = protocol=17 | dir=in | app=h:\assassins 2\uplaybrowser.exe |
"{39E74F78-F773-41BF-8724-99618BEAF57A}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{3C490ED2-049B-4E11-8F09-CAC8E150355B}" = protocol=17 | dir=in | app=h:\splinter cell\src\system\gu.exe |
"{3DBCF87B-439A-4774-A2D1-01A7AC870FB3}" = protocol=6 | dir=in | app=h:\gta\eflc\launcheflc.exe |
"{3E7C3B0F-BFE1-4DB6-835B-E51EAC07B654}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3EF771EF-54AA-4BA2-B49F-0A8A27500DC6}" = protocol=6 | dir=in | app=h:\prince of persia\princeofpersia_launcher.exe |
"{423FDB4D-7352-484D-BAE9-E69C5B75D5F0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{428FC7C1-D126-4333-A3A6-398FCF9776EC}" = protocol=17 | dir=in | app=h:\assassins 2\acbmp.exe |
"{4696F8F7-B12E-4A40-82F9-3AC641D2FA97}" = protocol=17 | dir=in | app=h:\dragon age\bin_ship\daupdatersvc.service.exe |
"{479584BF-FE9C-4470-901C-EB83029DF48E}" = protocol=17 | dir=in | app=h:\burnout paradise\burnoutconfigtool.exe |
"{48367A6C-6E76-4887-B6EC-68BB078ECB64}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{49374B92-3BBD-41B6-8298-FF70C13FC37D}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{4CB245E4-ACE1-4A8D-A060-97CC5656F4D8}" = protocol=6 | dir=in | app=h:\dragon age\daoriginslauncher.exe |
"{4E518731-FACB-41D4-825D-C4681B04AF62}" = protocol=6 | dir=in | app=h:\burnout paradise\burnoutlauncher.exe |
"{50D2BD01-9099-4BCE-8FB5-B213E3C867A9}" = protocol=6 | dir=in | app=h:\assassins 2\assassinscreedbrotherhood.exe |
"{514AD2E2-1732-4149-862C-EA15BF8EF683}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{52DB6E8B-86F2-4A07-BDF3-B80DD70B0122}" = protocol=6 | dir=out | app=system |
"{530C0A09-92D1-4070-8A37-8E96BBEE80BA}" = protocol=6 | dir=in | app=h:\battlefield 3\battlefield 3\bf3.exe |
"{54EC32F2-DA0F-464A-83AB-FD0B4B5C3C34}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{56BD72C5-C3B3-4B78-A34C-C11B47916870}" = protocol=6 | dir=in | app=h:\splinter cell\src\system\gu.exe |
"{592B5FB5-C65C-4137-9C72-8B7F042179E9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5AAEC4D9-DDA3-4313-A253-FA3BF9CEF6C7}" = protocol=17 | dir=in | app=h:\red faction\raptr\raptr.exe |
"{635E57C1-D1AE-4B6B-87C2-E8A8CC4D1F92}" = protocol=6 | dir=in | app=h:\call of duty 2\steam.exe |
"{644E4C89-7F18-41C6-A684-6AD257A799F5}" = protocol=17 | dir=in | app=h:\mass effect 1\mass effect\masseffectlauncher.exe |
"{69A3B1D9-90F8-4BC2-84AF-6C134A27D9AE}" = protocol=17 | dir=in | app=h:\bionik\bionic_commando.exe |
"{6EEE5AA8-848B-4916-9BCD-DD775A167E65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7675AB48-8A2B-4020-B558-83B32BBD80E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{792DAD5B-C00C-4359-B4F4-71AD73AAA520}" = protocol=6 | dir=in | app=h:\battlefield 2\bfbc2updater.exe |
"{7AB86DE8-1103-4609-BACB-984D657AE121}" = protocol=6 | dir=in | app=h:\mass effect 1\mass effect\binaries\masseffect.exe |
"{7B0FABE9-8D8B-4F90-A8DE-A330B3196291}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7B4F72AD-6CEB-4BF1-A88B-A08FF0C49DEA}" = protocol=17 | dir=in | app=h:\mass effect 1\mass effect\binaries\masseffect.exe |
"{7C05D15A-A575-4FBA-A515-224DAE993929}" = protocol=6 | dir=in | app=h:\dragon age\bin_ship\daorigins.exe |
"{7CA0DB15-875B-4DA1-9467-ABF9A59E7AB0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{84F95EAC-828A-4C03-9B35-C1DC6D77DFD8}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{864573DE-8C20-4E71-B627-49CC4874200B}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"{866AFBE8-BD2D-465C-82FF-B4B83093AB03}" = protocol=6 | dir=in | app=h:\mass 2\mass effect 2\binaries\masseffect2.exe |
"{8719BD2E-9D0A-405C-9A12-3F84DEAF92BC}" = protocol=17 | dir=in | app=h:\red faction\raptr\raptr_im.exe |
"{8C824AA7-7F98-4F3B-87F4-49147560C613}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\dino d-day\srcds.exe |
"{8D5631F9-ACFF-456D-BA2F-F6182A71D2C6}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{92D752FD-2F3D-4E8D-AE96-3921CA0EC182}" = protocol=6 | dir=in | app=h:\bionik\bionic_commando.exe |
"{93B8CC78-2ABC-4CA7-861D-87D19AAFF272}" = protocol=6 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"{96A1E8EE-4C0F-4329-B481-D2FF5E0D780A}" = protocol=17 | dir=in | app=h:\dragon age\daoriginslauncher.exe |
"{9A406ECF-5C3C-4AEC-8E68-CCD10F86623B}" = protocol=17 | dir=in | app=h:\fable 3\fable3.exe |
"{9F1E7B48-677B-4AA2-B19E-182B396638A2}" = protocol=6 | dir=in | app=h:\burnout paradise\burnoutconfigtool.exe |
"{A602B6B8-F80A-4F1C-8CD0-937668A340FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6724509-F681-4CC6-97A6-7F45411ED8D5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A8260881-FD9C-468C-9235-AB7B750C28D7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{ABF8C727-177A-4D65-B329-8F14D15C6B48}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF41D201-CD0A-49CD-B9E5-8A09B5A7BF55}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B04A8A6B-78D0-4E1D-9EE6-A0E874B4E802}" = protocol=17 | dir=in | app=h:\medal of honor airorne\unrealengine3\binaries\moha.exe |
"{B1492473-15F6-48A9-9388-010F809CA9FC}" = protocol=17 | dir=in | app=h:\mass 2\mass effect 2\masseffect2launcher.exe |
"{BC99CF83-9104-44FB-A9EB-478EC9D90165}" = protocol=17 | dir=in | app=h:\mass 2\mass effect 2\binaries\masseffect2.exe |
"{BCCCD3E0-ED27-4EA2-A9CF-277446AE04B4}" = protocol=17 | dir=in | app=h:\gta\eflc\launcheflc.exe |
"{BFFA25A6-FB5C-4C34-B130-E5F8D1CDC3D4}" = protocol=17 | dir=in | app=h:\assassins 2\acbsp.exe |
"{C5625659-ED43-4877-94D3-EDB805C7FEFE}" = protocol=17 | dir=in | app=h:\prince of persia\prince of persia.exe |
"{C6EC12FE-A757-4B97-B0AA-9F48E85BCCCE}" = protocol=17 | dir=in | app=h:\battlefield 2\bfbc2updater.exe |
"{C766365E-D895-4CBB-B12A-BD74AF57003B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C921BD04-E69B-4169-AF0C-0E3EED545CCB}" = protocol=17 | dir=in | app=h:\burnout paradise\burnoutparadise.exe |
"{CC51CA78-2F6C-4D27-8680-EE460A6BF806}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D3658A4B-9A6E-41A5-B1B7-2AC45050C192}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{D7B006C9-8417-48A8-AFC9-D24974360835}" = protocol=17 | dir=in | app=h:\crysis\bin32\crysis2launcher.exe |
"{D8D52931-D4A2-4C54-946B-36E7FDF08F08}" = protocol=17 | dir=in | app=h:\call of duty 2\steam.exe |
"{DA9378C3-D9CC-44ED-97B0-B1CC30D7ECF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DBC71BCE-317A-42D4-B195-AE1F70816669}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{DC3510D5-C149-48DF-ABD3-5A82E7EA0228}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DC3EA902-5715-4A20-8FD2-3EE12973F345}" = protocol=6 | dir=in | app=h:\mass 2\mass effect 2\masseffect2launcher.exe |
"{DDEF4B01-D70F-44C6-BCFD-086B8D36ADD8}" = protocol=6 | dir=in | app=h:\crysis\bin32\crysis2launcher.exe |
"{E09F263E-8327-4A01-AF83-A4D670412CC9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1921038-FC28-4780-80B2-5E6749E687A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2831272-95B3-49FF-B079-2DE97BFB8D5B}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\game_launcher.exe |
"{E43802D5-58B5-4A42-8BF8-6ADE2DBC2D21}" = protocol=6 | dir=in | app=h:\assassins 2\uplaybrowser.exe |
"{E4931A3F-4573-4E4D-8347-F8F978EC5559}" = protocol=6 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"{E8AA1D1E-EF47-4AEC-917F-A79FBA39FA67}" = protocol=6 | dir=in | app=h:\burnout paradise\burnoutparadise.exe |
"{E9590F04-C465-40F0-9435-D700BC4F0EC7}" = protocol=6 | dir=in | app=h:\prince of persia\prince of persia.exe |
"{EBDD181B-1D61-452C-8C0B-CF17EBDF331A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EDDEAA85-D5A8-4665-A295-B1979CA65355}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\just cause 2\justcause2.exe |
"{EE4ADD18-AB19-48CB-9F8F-2C489EBE9EDC}" = protocol=17 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"{F162207A-FAF4-43DC-93A6-593870E57BF8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F28B94A9-36B4-4203-87BB-E73461B784B5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F2C36C58-6EF1-4B8D-849E-AF8047923A63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F33E430F-96AC-46B5-BF07-E4BFE4DFE434}" = protocol=6 | dir=in | app=h:\mass effect 1\mass effect\masseffectlauncher.exe |
"TCP Query User{0D9F7A09-5982-4B8D-8A2C-671CD0B1E4D9}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{1489217E-9114-4C56-ABFE-5AD1D22AD2B9}H:\pacific\bsp.exe" = protocol=6 | dir=in | app=h:\pacific\bsp.exe |
"TCP Query User{1D924DB9-E8B6-48C9-B6A4-F7828951435F}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe |
"TCP Query User{2219EFE3-D4DA-4CEC-AA08-1A709970A0F3}H:\splinter cell\src\system\conviction_game.exe" = protocol=6 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"TCP Query User{2819041E-1007-4D76-A5B8-BFF7EE5735D9}H:\dirt\dirt.exe" = protocol=6 | dir=in | app=h:\dirt\dirt.exe |
"TCP Query User{2B623384-1839-49F9-999F-4D90CBEAE077}H:\call of duty 2\steam.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steam.exe |
"TCP Query User{2D5C1848-4BB2-47C1-865C-99BCD44B8E2B}H:\medal of honor airborne\mohpa.exe" = protocol=6 | dir=in | app=h:\medal of honor airborne\mohpa.exe |
"TCP Query User{380E60BC-4DBD-4DF2-B18C-CAD27A68DEC0}H:\dead space\dead space.exe" = protocol=6 | dir=in | app=h:\dead space\dead space.exe |
"TCP Query User{497B154C-1C6F-40D8-9D80-288DE79EE257}H:\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"TCP Query User{4E4EA0B2-1D1A-4345-BBCC-11063E84BDF6}H:\call of duty 2\iw4mp.exe" = protocol=6 | dir=in | app=h:\call of duty 2\iw4mp.exe |
"TCP Query User{50208676-F8F1-4E2A-B24B-C974FD9E20AD}H:\dark sector\dark sector\ds.exe" = protocol=6 | dir=in | app=h:\dark sector\dark sector\ds.exe |
"TCP Query User{57BBD0EA-A538-46AA-9B0C-894BC594C2D5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{5894674D-F1C6-40CF-BB7F-024EEEEB7B45}H:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"TCP Query User{59CEF0FB-C6B2-428A-BC1B-3BE550DE3DA0}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"TCP Query User{7A0CD7D0-7D5F-41D5-ACC4-00636668D895}H:\splinter cell\src\system\uplaybrowser.exe" = protocol=6 | dir=in | app=h:\splinter cell\src\system\uplaybrowser.exe |
"TCP Query User{7D38CABC-2AB3-4F03-B59F-61E40DFDD049}H:\crysis\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"TCP Query User{83DAACAE-42F8-46EF-B27B-AF5D9C6E0F36}D:\formule\f1_2010_game.exe" = protocol=6 | dir=in | app=d:\formule\f1_2010_game.exe |
"TCP Query User{8456E58F-C73A-41D2-B34B-1821EA37229F}H:\moho 2010\mp\mohmpgame.exe" = protocol=6 | dir=in | app=h:\moho 2010\mp\mohmpgame.exe |
"TCP Query User{8772E300-A60C-4F90-9678-5327E3C27AC6}H:\bulletstorm\binaries\win32\shippingpc-stormgame.exe" = protocol=6 | dir=in | app=h:\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"TCP Query User{8F47FDFB-A72A-408B-9308-B98DCE5CFDC2}H:\driver\driver.exe" = protocol=6 | dir=in | app=h:\driver\driver.exe |
"TCP Query User{9B98C968-81E4-415E-9858-A22A3807ECA4}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"TCP Query User{A8DA6192-7672-49A3-BE61-8B5417877E33}H:\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"TCP Query User{B31FE4CA-705A-4379-817B-8D1CC8457A16}H:\dirt\dirt.exe" = protocol=6 | dir=in | app=h:\dirt\dirt.exe |
"TCP Query User{BE857ACE-C30B-494D-931E-90ED8E525280}H:\proun\proun beta\proun.exe" = protocol=6 | dir=in | app=h:\proun\proun beta\proun.exe |
"TCP Query User{C88C513F-10F2-45FC-ABE3-527F143CB788}H:\call of duty 2\iw4mpold.exe" = protocol=6 | dir=in | app=h:\call of duty 2\iw4mpold.exe |
"TCP Query User{C91D54E3-2284-49D4-9516-5F96727846FC}H:\crysis\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"TCP Query User{CF47895F-B44A-40AF-8FC1-B3DD31406F15}H:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe |
"TCP Query User{CFDF17C0-9FE5-4ABA-BED5-2A23F28708F5}H:\medal\mohaa.exe" = protocol=6 | dir=in | app=h:\medal\mohaa.exe |
"TCP Query User{D250DD0A-ADAE-49B9-982B-713ED3B084C2}D:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{D8C38FF7-CD2F-4019-ADF9-5378EFCE12A1}H:\red faction\rfg.exe" = protocol=6 | dir=in | app=h:\red faction\rfg.exe |
"TCP Query User{DBD22AC9-6CA9-42FD-BCF5-9FAADC965778}H:\battlefield 2\bfbc2game.exe" = protocol=6 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"TCP Query User{E151E8F2-C7B2-40D5-9BA1-0FF9BDBC42BA}H:\dead space\dead space.exe" = protocol=6 | dir=in | app=h:\dead space\dead space.exe |
"TCP Query User{EEE18BBC-361D-404A-BE2F-230EA99C7F05}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{F032B222-A290-4476-AFD1-B3C8EA405E61}H:\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=h:\anno 1404\tools\anno4web.exe |
"UDP Query User{0BD8BF60-1B4F-4D6B-AB40-75313B1EA755}H:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe |
"UDP Query User{1026D6B0-4D77-4931-A258-B7FDA9A47A64}H:\dirt\dirt.exe" = protocol=17 | dir=in | app=h:\dirt\dirt.exe |
"UDP Query User{13931D50-8315-4861-B5A5-F53CEC6D01C1}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{1D651652-9D83-4A37-A4B2-56D503F89B5E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{236985CD-CC6B-4E3F-8E9D-F6652047AEFD}H:\moho 2010\mp\mohmpgame.exe" = protocol=17 | dir=in | app=h:\moho 2010\mp\mohmpgame.exe |
"UDP Query User{28E31D30-F230-4C40-A34C-46E35F196FD6}H:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"UDP Query User{41D943BF-9AF0-4DA0-B365-BA15B2C27917}H:\crysis\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"UDP Query User{463AD9D8-6D28-4B70-B77A-2EEF48133209}H:\dead space\dead space.exe" = protocol=17 | dir=in | app=h:\dead space\dead space.exe |
"UDP Query User{475D8B38-6002-4999-AA91-6EB0711D156A}H:\red faction\rfg.exe" = protocol=17 | dir=in | app=h:\red faction\rfg.exe |
"UDP Query User{4C0933F9-6083-48BC-9FD8-D9C20507AD88}H:\medal of honor airborne\mohpa.exe" = protocol=17 | dir=in | app=h:\medal of honor airborne\mohpa.exe |
"UDP Query User{4DA2D42E-DABA-46D6-BF23-FC2229D457F3}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"UDP Query User{54A01136-AA99-4D74-BD4B-E0B51D7477A1}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe |
"UDP Query User{57BEE8F1-A422-4F91-A673-A5C1CFC0EF76}H:\proun\proun beta\proun.exe" = protocol=17 | dir=in | app=h:\proun\proun beta\proun.exe |
"UDP Query User{58770265-A138-4797-81C6-C5BD8916B71B}H:\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"UDP Query User{5E76FAE0-D8CD-4530-8A39-914EDE870AE4}H:\crysis\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"UDP Query User{5EE4F2E4-F444-4A8D-90A9-2300F22DDBD2}H:\splinter cell\src\system\uplaybrowser.exe" = protocol=17 | dir=in | app=h:\splinter cell\src\system\uplaybrowser.exe |
"UDP Query User{71CDE8E3-CC6C-46B4-8F7A-DA238B68ACC8}H:\bulletstorm\binaries\win32\shippingpc-stormgame.exe" = protocol=17 | dir=in | app=h:\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"UDP Query User{77B46A9E-B45E-489E-8765-6D995053C91C}H:\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=h:\anno 1404\tools\anno4web.exe |
"UDP Query User{791863EE-4349-4FB5-B731-CFAD0B3CB074}H:\dark sector\dark sector\ds.exe" = protocol=17 | dir=in | app=h:\dark sector\dark sector\ds.exe |
"UDP Query User{7CF2C035-0294-4C19-8707-921CEBD0561F}H:\splinter cell\src\system\conviction_game.exe" = protocol=17 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"UDP Query User{81857E1B-3A5E-4B26-9248-4CC4F58417A8}H:\pacific\bsp.exe" = protocol=17 | dir=in | app=h:\pacific\bsp.exe |
"UDP Query User{8280B810-84EC-40EC-8656-6C589F681703}H:\call of duty 2\steam.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steam.exe |
"UDP Query User{865C1277-C4A7-4CC4-9706-04F78CF2E4BF}H:\call of duty 2\iw4mpold.exe" = protocol=17 | dir=in | app=h:\call of duty 2\iw4mpold.exe |
"UDP Query User{948D6C70-41B8-4400-A86F-60D77D7C4B4A}H:\dead space\dead space.exe" = protocol=17 | dir=in | app=h:\dead space\dead space.exe |
"UDP Query User{96A07E13-1C28-4981-BD07-028D24BA5877}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"UDP Query User{9DE58EB1-BE99-4A39-B8B0-AF1F330E3E07}D:\formule\f1_2010_game.exe" = protocol=17 | dir=in | app=d:\formule\f1_2010_game.exe |
"UDP Query User{A2A7D1CC-F9FB-4E4B-8E19-51D6D5EA2C6F}H:\driver\driver.exe" = protocol=17 | dir=in | app=h:\driver\driver.exe |
"UDP Query User{B78CB7D9-5F22-4B6F-9D83-A2CB98E835A0}H:\medal\mohaa.exe" = protocol=17 | dir=in | app=h:\medal\mohaa.exe |
"UDP Query User{BDC3E35D-CC61-49FB-B021-EA99DD73670D}D:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{D60BA584-D5D6-4557-B3B0-2F961859808A}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"UDP Query User{D96C585E-1AFE-473C-A9BA-4A12F8BC75BE}H:\dirt\dirt.exe" = protocol=17 | dir=in | app=h:\dirt\dirt.exe |
"UDP Query User{E3EA7971-6FD4-4708-A67A-11E47C3E66B1}H:\battlefield 2\bfbc2game.exe" = protocol=17 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"UDP Query User{FBBF26F2-C689-4CEE-9E7C-3AD5786F033A}H:\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"UDP Query User{FECC39F0-7C42-430B-BA97-C1410CDF6C4E}H:\call of duty 2\iw4mp.exe" = protocol=17 | dir=in | app=h:\call of duty 2\iw4mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{91A8C38A-0239-11E0-9658-189EDFD72085}" = M-Audio FastTrack Driver 6.0.6 (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.15
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2226247D-9846-4370-A1EF-FAA6958F7632}" = Sound Blaster Tactic(3D) Alpha
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{54510837-BD04-4C32-9676-DB1000038201}" = Red Faction: Guerrilla
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DEDF2885-0086-4534-9912-F9B97377ED07}" = AGEIA GAME System Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EEA080A7-4331-4593-A071-D0862A8178B9}" = ASUS nVidia Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C0221D-1DCD-487A-A3D1-E0C5B954F1DC}" = OpenOffice.org 3.4
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DVDFab 6_is1" = DVDFab 6.0.7.0 (18/09/2009)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.01
"Fraps" = Fraps (remove only)
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8
"GameParkClient_is1" = GamePark
"Glary Utilities_is1" = Glary Utilities 2.21.0.863
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Line 6 Uninstaller" = Line 6 Uninstaller
"Mozilla Thunderbird (6.0.2)" = Mozilla Thunderbird (6.0.2)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"Proun Beta" = Proun Beta
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MP240 series" = Registrace uživatele zařízení Canon MP240 series
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 55230" = Saints Row: The Third
"Steam App 8190" = Just Cause 2
"SysInfo" = Creative System Information
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4013968606-3250866645-994530466-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"H.S.M Custom Maps Expansion v1.0" = H.S.M Custom Maps Expansion v1.0
"H.S.M Custom Maps Expansion v2.0" = H.S.M Custom Maps Expansion v2.0
"H.S.M Custom Maps Expansion v3.0" = H.S.M Custom Maps Expansion v3.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.6.2011 8:36:37 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xed8 Čas spuštění chybující aplikace: 0x01cc33fdae94fb91 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: eeb610fc-9ff0-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 8:36:54 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x00000000001151de
ID
chybujícího procesu: 0x260 Čas spuštění chybující aplikace: 0x01cc33fdb9d50d8a Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: f8c51510-9ff0-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 8:37:06 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xf28 Čas spuštění chybující aplikace: 0x01cc33fdc1092bfc Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: ffd0103d-9ff0-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 8:37:26 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xf30 Čas spuštění chybující aplikace: 0x01cc33fdccd13a78 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 0bec49a3-9ff1-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 10:21:36 | Computer Name = MEK-PC | Source = Application Hang | ID = 1002
Description = Program gameparkclient.exe verze 1.1.0.24 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 1374 Čas spuštění: 01cc340c37ed24aa Čas ukončení: 0 Cesta k aplikaci: D:\GamePark\gameparkclient.exe
ID
hlášení:
Error - 28.6.2011 11:01:15 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: swg64.dll, verze: 5.6.6209.1144, časové
razítko: 0x4d52ef71 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000024b50 ID chybujícího
procesu: 0x908 Čas spuštění chybující aplikace: 0x01cc35a439512bb3 Cesta k chybující
aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu modulu:
C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll ID zprávy:
77a919a7-a197-11e0-b810-6cf0495d520c
Error - 30.6.2011 11:48:50 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: F1_2010_game.exe, verze: 1.1.1.129, časové
razítko: 0x4cbea443 Název chybujícího modulu: F1_2010_game.exe, verze: 1.1.1.129,
časové razítko: 0x4cbea443 Kód výjimky: 0xc0000005 Posun chyby: 0x0028b3c2 ID chybujícího
procesu: 0xec8 Čas spuštění chybující aplikace: 0x01cc373b17ae2c1b Cesta k chybující
aplikaci: D:\FORMULE\F1_2010_game.exe Cesta k chybujícímu modulu: D:\FORMULE\F1_2010_game.exe
ID
zprávy: 7295b201-a330-11e0-9cd7-6cf0495d520c
Error - 30.6.2011 13:06:23 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x00000000001151bf
ID
chybujícího procesu: 0xab4 Čas spuštění chybující aplikace: 0x01cc3747874ad785 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 47ed31e4-a33b-11e0-9cd7-6cf0495d520c
Error - 16.7.2011 9:46:37 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xa98 Čas spuštění chybující aplikace: 0x01cc43b9a2342e6e Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 0657bc7a-afb2-11e0-89ef-6cf0495d520c
Error - 28.7.2011 0:22:39 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0x5ec Čas spuštění chybující aplikace: 0x01cc4cddcf5d1040 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 3a4f68c8-b8d1-11e0-b569-6cf0495d520c
[ Media Center Events ]
Error - 23.2.2011 2:16:40 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 7:16:40 - Chyba při připojování k Internetu 7:16:40 - Nelze kontaktovat
server..
Error - 23.2.2011 2:16:50 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 7:16:46 - Chyba při připojování k Internetu 7:16:46 - Nelze kontaktovat
server..
Error - 10.3.2011 3:11:42 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 8:11:42 - Chyba při připojování k Internetu 8:11:42 - Nelze kontaktovat
server..
Error - 10.3.2011 3:11:52 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 8:11:48 - Chyba při připojování k Internetu 8:11:48 - Nelze kontaktovat
server..
Error - 10.3.2011 4:11:57 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 9:11:57 - Chyba při připojování k Internetu 9:11:57 - Nelze kontaktovat
server..
Error - 10.3.2011 4:12:03 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 9:12:02 - Chyba při připojování k Internetu 9:12:02 - Nelze kontaktovat
server..
Error - 11.3.2011 1:53:24 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:53:24 - Chyba při připojování k Internetu 6:53:24 - Nelze kontaktovat
server..
Error - 11.3.2011 1:53:34 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:53:30 - Chyba při připojování k Internetu 6:53:30 - Nelze kontaktovat
server..
Error - 12.3.2011 1:39:31 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:39:31 - Chyba při připojování k Internetu 6:39:31 - Nelze kontaktovat
server..
Error - 12.3.2011 1:39:40 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:39:36 - Chyba při připojování k Internetu 6:39:36 - Nelze kontaktovat
server..
[ System Events ]
Error - 10.6.2012 8:36:14 | Computer Name = MEK-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 10.6.2012 8:36:15 | Computer Name = MEK-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 10.6.2012 8:36:15 | Computer Name = MEK-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 11.6.2012 2:58:29 | Computer Name = MEK-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 11.6.2012 3:20:53 | Computer Name = MEK-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).
Error - 11.6.2012 12:12:34 | Computer Name = MEK-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 12.6.2012 3:53:50 | Computer Name = MEK-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 12.6.2012 12:01:03 | Computer Name = MEK-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:43:50, ?12.?6.?2012) bylo neočekávané.
Error - 14.6.2012 1:31:45 | Computer Name = MEK-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.
Error - 14.6.2012 14:24:33 | Computer Name = MEK-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\MEK\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
6,00 Gb Total Physical Memory | 4,59 Gb Available Physical Memory | 76,51% Memory free
11,99 Gb Paging File | 10,52 Gb Available in Paging File | 87,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,65 Gb Total Space | 3,06 Gb Free Space | 6,05% Space Free | Partition Type: NTFS
Drive D: | 43,78 Gb Total Space | 34,76 Gb Free Space | 79,40% Space Free | Partition Type: NTFS
Drive E: | 44,85 Gb Total Space | 42,96 Gb Free Space | 95,78% Space Free | Partition Type: NTFS
Drive F: | 9,76 Gb Total Space | 8,87 Gb Free Space | 90,84% Space Free | Partition Type: NTFS
Drive G: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 596,17 Gb Total Space | 420,86 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Computer Name: MEK-PC | User Name: MEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057840E7-F619-4DB9-88EC-BB7CA77F5578}" = lport=139 | protocol=6 | dir=in | app=system |
"{0B108D40-85AA-4A2F-BC2B-03B2D5C1E3E2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{100498F5-A03E-4E1F-8263-7BF760389146}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{215F9D6A-31C2-4D56-BF2F-154A177DA770}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21D78123-C76F-41D7-9CAD-6C8832F78406}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2CBDFE61-4383-4565-BDE4-4165C2FCA957}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2EAE7DED-545E-4789-98E7-915DE1C51328}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2FB6C7CC-A51F-42E2-8D49-C315922CB5BF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2FD26C1A-8392-48E8-9F3D-48CDE5D7E799}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{53BEF85D-66E3-4E8C-8F4F-45C66D74253C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{555C2299-BC20-4214-97EE-FD9D52B720D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{66CEC151-AFC0-49E7-AC9D-567A57BA77F0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70D9A912-6D51-4764-8A41-100BEF87A302}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8376F126-2A4F-45FC-9548-9266DE67E038}" = lport=445 | protocol=6 | dir=in | app=system |
"{86D8D70D-3909-4C14-9009-6BD5D8165DFD}" = rport=139 | protocol=6 | dir=out | app=system |
"{8AF543EA-306F-46AB-B8F4-17A9BD64AAAA}" = rport=138 | protocol=17 | dir=out | app=system |
"{90F78469-D61D-44F2-B0BA-19E1BEC9EE08}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97849ADD-4924-46CB-8E76-4178C65B5936}" = rport=445 | protocol=6 | dir=out | app=system |
"{98C83A68-FAE1-4650-9BD2-F3429D9B93B5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9B82A068-22F9-4049-91D2-15C7788C8FCA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A90B1AF8-BCCE-482E-A578-15057F016241}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF402F8B-6A30-489A-AE66-9AD9AEED8CF4}" = rport=137 | protocol=17 | dir=out | app=system |
"{F4E66256-3463-461E-99B3-E8EB2AA732F0}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DEFAC9-FC27-4D7F-BE1A-946D1C744B0B}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\game_launcher.exe |
"{02DD576A-0775-4E47-AA93-1503CC31DE6D}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\dino d-day\srcds.exe |
"{04C1C970-B541-4229-9705-1B22644D3401}" = protocol=6 | dir=in | app=h:\medal of honor airorne\unrealengine3\binaries\moha.exe |
"{064FC362-DBBB-433C-A212-ECDF0829932E}" = protocol=17 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"{07FCEC54-D437-4D99-9173-3DECEC443B39}" = protocol=6 | dir=in | app=h:\assassins 2\acbsp.exe |
"{096F1AA1-E732-45B8-AE4F-95F82CB1C3AA}" = protocol=17 | dir=in | app=h:\dragon age\bin_ship\daorigins.exe |
"{0C883801-DBE5-4E8E-A6CC-135A49945B0C}" = protocol=17 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"{10897490-34E0-4B7D-93CA-F623DE54B8D9}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"{116CEDBE-91AD-4CCB-9BBB-254D11719244}" = protocol=17 | dir=in | app=h:\prince of persia\princeofpersia_launcher.exe |
"{12770D81-7B6F-4C91-8A22-B07789DE2806}" = protocol=6 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"{140E0631-0619-48E6-B149-2EFC19AE0C59}" = protocol=6 | dir=in | app=h:\assassins 2\acbmp.exe |
"{16676CBF-2D45-42AD-BCD2-1719B73EA93B}" = protocol=17 | dir=in | app=h:\battlefield 3\battlefield 3\bf3.exe |
"{1735D84B-D680-44CE-85C3-D0FA7277C008}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1937277D-6D48-492E-AE3D-3AF3F4363CA3}" = protocol=17 | dir=in | app=h:\assassins 2\assassinscreedbrotherhood.exe |
"{1AE9FA3B-9E1B-4555-A349-EE4B40C3FBAA}" = protocol=6 | dir=in | app=h:\red faction\raptr\raptr.exe |
"{1DDD528D-264D-4F25-A3C0-3AD46E00A4A7}" = protocol=17 | dir=in | app=h:\burnout paradise\burnoutlauncher.exe |
"{20F144AA-1F62-49DC-A0C5-F153944A89C1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2AB5443A-87E8-4571-B840-49EC7745DAA8}" = protocol=6 | dir=in | app=h:\fable 3\fable3.exe |
"{30D94C29-F400-48F0-B5AA-CADEB03A87A6}" = protocol=6 | dir=in | app=h:\red faction\raptr\raptr_im.exe |
"{31561926-3C8B-4FBC-A894-52EEA5F5ACEB}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{31A0F738-C9C7-45EC-826C-AC57F8699F42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3663E684-77F1-4E83-81B2-583C5F816B50}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\just cause 2\justcause2.exe |
"{38180FFC-FE8B-4A23-B021-4249B0B5F13D}" = protocol=6 | dir=in | app=h:\dragon age\bin_ship\daupdatersvc.service.exe |
"{394DFF49-54DD-4F5A-A55B-7F6C7BE1C7C0}" = protocol=17 | dir=in | app=h:\assassins 2\uplaybrowser.exe |
"{39E74F78-F773-41BF-8724-99618BEAF57A}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{3C490ED2-049B-4E11-8F09-CAC8E150355B}" = protocol=17 | dir=in | app=h:\splinter cell\src\system\gu.exe |
"{3DBCF87B-439A-4774-A2D1-01A7AC870FB3}" = protocol=6 | dir=in | app=h:\gta\eflc\launcheflc.exe |
"{3E7C3B0F-BFE1-4DB6-835B-E51EAC07B654}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3EF771EF-54AA-4BA2-B49F-0A8A27500DC6}" = protocol=6 | dir=in | app=h:\prince of persia\princeofpersia_launcher.exe |
"{423FDB4D-7352-484D-BAE9-E69C5B75D5F0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{428FC7C1-D126-4333-A3A6-398FCF9776EC}" = protocol=17 | dir=in | app=h:\assassins 2\acbmp.exe |
"{4696F8F7-B12E-4A40-82F9-3AC641D2FA97}" = protocol=17 | dir=in | app=h:\dragon age\bin_ship\daupdatersvc.service.exe |
"{479584BF-FE9C-4470-901C-EB83029DF48E}" = protocol=17 | dir=in | app=h:\burnout paradise\burnoutconfigtool.exe |
"{48367A6C-6E76-4887-B6EC-68BB078ECB64}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{49374B92-3BBD-41B6-8298-FF70C13FC37D}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{4CB245E4-ACE1-4A8D-A060-97CC5656F4D8}" = protocol=6 | dir=in | app=h:\dragon age\daoriginslauncher.exe |
"{4E518731-FACB-41D4-825D-C4681B04AF62}" = protocol=6 | dir=in | app=h:\burnout paradise\burnoutlauncher.exe |
"{50D2BD01-9099-4BCE-8FB5-B213E3C867A9}" = protocol=6 | dir=in | app=h:\assassins 2\assassinscreedbrotherhood.exe |
"{514AD2E2-1732-4149-862C-EA15BF8EF683}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{52DB6E8B-86F2-4A07-BDF3-B80DD70B0122}" = protocol=6 | dir=out | app=system |
"{530C0A09-92D1-4070-8A37-8E96BBEE80BA}" = protocol=6 | dir=in | app=h:\battlefield 3\battlefield 3\bf3.exe |
"{54EC32F2-DA0F-464A-83AB-FD0B4B5C3C34}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{56BD72C5-C3B3-4B78-A34C-C11B47916870}" = protocol=6 | dir=in | app=h:\splinter cell\src\system\gu.exe |
"{592B5FB5-C65C-4137-9C72-8B7F042179E9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5AAEC4D9-DDA3-4313-A253-FA3BF9CEF6C7}" = protocol=17 | dir=in | app=h:\red faction\raptr\raptr.exe |
"{635E57C1-D1AE-4B6B-87C2-E8A8CC4D1F92}" = protocol=6 | dir=in | app=h:\call of duty 2\steam.exe |
"{644E4C89-7F18-41C6-A684-6AD257A799F5}" = protocol=17 | dir=in | app=h:\mass effect 1\mass effect\masseffectlauncher.exe |
"{69A3B1D9-90F8-4BC2-84AF-6C134A27D9AE}" = protocol=17 | dir=in | app=h:\bionik\bionic_commando.exe |
"{6EEE5AA8-848B-4916-9BCD-DD775A167E65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7675AB48-8A2B-4020-B558-83B32BBD80E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{792DAD5B-C00C-4359-B4F4-71AD73AAA520}" = protocol=6 | dir=in | app=h:\battlefield 2\bfbc2updater.exe |
"{7AB86DE8-1103-4609-BACB-984D657AE121}" = protocol=6 | dir=in | app=h:\mass effect 1\mass effect\binaries\masseffect.exe |
"{7B0FABE9-8D8B-4F90-A8DE-A330B3196291}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7B4F72AD-6CEB-4BF1-A88B-A08FF0C49DEA}" = protocol=17 | dir=in | app=h:\mass effect 1\mass effect\binaries\masseffect.exe |
"{7C05D15A-A575-4FBA-A515-224DAE993929}" = protocol=6 | dir=in | app=h:\dragon age\bin_ship\daorigins.exe |
"{7CA0DB15-875B-4DA1-9467-ABF9A59E7AB0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{84F95EAC-828A-4C03-9B35-C1DC6D77DFD8}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{864573DE-8C20-4E71-B627-49CC4874200B}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"{866AFBE8-BD2D-465C-82FF-B4B83093AB03}" = protocol=6 | dir=in | app=h:\mass 2\mass effect 2\binaries\masseffect2.exe |
"{8719BD2E-9D0A-405C-9A12-3F84DEAF92BC}" = protocol=17 | dir=in | app=h:\red faction\raptr\raptr_im.exe |
"{8C824AA7-7F98-4F3B-87F4-49147560C613}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\dino d-day\srcds.exe |
"{8D5631F9-ACFF-456D-BA2F-F6182A71D2C6}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{92D752FD-2F3D-4E8D-AE96-3921CA0EC182}" = protocol=6 | dir=in | app=h:\bionik\bionic_commando.exe |
"{93B8CC78-2ABC-4CA7-861D-87D19AAFF272}" = protocol=6 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"{96A1E8EE-4C0F-4329-B481-D2FF5E0D780A}" = protocol=17 | dir=in | app=h:\dragon age\daoriginslauncher.exe |
"{9A406ECF-5C3C-4AEC-8E68-CCD10F86623B}" = protocol=17 | dir=in | app=h:\fable 3\fable3.exe |
"{9F1E7B48-677B-4AA2-B19E-182B396638A2}" = protocol=6 | dir=in | app=h:\burnout paradise\burnoutconfigtool.exe |
"{A602B6B8-F80A-4F1C-8CD0-937668A340FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6724509-F681-4CC6-97A6-7F45411ED8D5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A8260881-FD9C-468C-9235-AB7B750C28D7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{ABF8C727-177A-4D65-B329-8F14D15C6B48}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF41D201-CD0A-49CD-B9E5-8A09B5A7BF55}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B04A8A6B-78D0-4E1D-9EE6-A0E874B4E802}" = protocol=17 | dir=in | app=h:\medal of honor airorne\unrealengine3\binaries\moha.exe |
"{B1492473-15F6-48A9-9388-010F809CA9FC}" = protocol=17 | dir=in | app=h:\mass 2\mass effect 2\masseffect2launcher.exe |
"{BC99CF83-9104-44FB-A9EB-478EC9D90165}" = protocol=17 | dir=in | app=h:\mass 2\mass effect 2\binaries\masseffect2.exe |
"{BCCCD3E0-ED27-4EA2-A9CF-277446AE04B4}" = protocol=17 | dir=in | app=h:\gta\eflc\launcheflc.exe |
"{BFFA25A6-FB5C-4C34-B130-E5F8D1CDC3D4}" = protocol=17 | dir=in | app=h:\assassins 2\acbsp.exe |
"{C5625659-ED43-4877-94D3-EDB805C7FEFE}" = protocol=17 | dir=in | app=h:\prince of persia\prince of persia.exe |
"{C6EC12FE-A757-4B97-B0AA-9F48E85BCCCE}" = protocol=17 | dir=in | app=h:\battlefield 2\bfbc2updater.exe |
"{C766365E-D895-4CBB-B12A-BD74AF57003B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C921BD04-E69B-4169-AF0C-0E3EED545CCB}" = protocol=17 | dir=in | app=h:\burnout paradise\burnoutparadise.exe |
"{CC51CA78-2F6C-4D27-8680-EE460A6BF806}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D3658A4B-9A6E-41A5-B1B7-2AC45050C192}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{D7B006C9-8417-48A8-AFC9-D24974360835}" = protocol=17 | dir=in | app=h:\crysis\bin32\crysis2launcher.exe |
"{D8D52931-D4A2-4C54-946B-36E7FDF08F08}" = protocol=17 | dir=in | app=h:\call of duty 2\steam.exe |
"{DA9378C3-D9CC-44ED-97B0-B1CC30D7ECF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DBC71BCE-317A-42D4-B195-AE1F70816669}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{DC3510D5-C149-48DF-ABD3-5A82E7EA0228}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DC3EA902-5715-4A20-8FD2-3EE12973F345}" = protocol=6 | dir=in | app=h:\mass 2\mass effect 2\masseffect2launcher.exe |
"{DDEF4B01-D70F-44C6-BCFD-086B8D36ADD8}" = protocol=6 | dir=in | app=h:\crysis\bin32\crysis2launcher.exe |
"{E09F263E-8327-4A01-AF83-A4D670412CC9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1921038-FC28-4780-80B2-5E6749E687A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2831272-95B3-49FF-B079-2DE97BFB8D5B}" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\game_launcher.exe |
"{E43802D5-58B5-4A42-8BF8-6ADE2DBC2D21}" = protocol=6 | dir=in | app=h:\assassins 2\uplaybrowser.exe |
"{E4931A3F-4573-4E4D-8347-F8F978EC5559}" = protocol=6 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"{E8AA1D1E-EF47-4AEC-917F-A79FBA39FA67}" = protocol=6 | dir=in | app=h:\burnout paradise\burnoutparadise.exe |
"{E9590F04-C465-40F0-9435-D700BC4F0EC7}" = protocol=6 | dir=in | app=h:\prince of persia\prince of persia.exe |
"{EBDD181B-1D61-452C-8C0B-CF17EBDF331A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EDDEAA85-D5A8-4665-A295-B1979CA65355}" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\just cause 2\justcause2.exe |
"{EE4ADD18-AB19-48CB-9F8F-2C489EBE9EDC}" = protocol=17 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"{F162207A-FAF4-43DC-93A6-593870E57BF8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F28B94A9-36B4-4203-87BB-E73461B784B5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F2C36C58-6EF1-4B8D-849E-AF8047923A63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F33E430F-96AC-46B5-BF07-E4BFE4DFE434}" = protocol=6 | dir=in | app=h:\mass effect 1\mass effect\masseffectlauncher.exe |
"TCP Query User{0D9F7A09-5982-4B8D-8A2C-671CD0B1E4D9}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{1489217E-9114-4C56-ABFE-5AD1D22AD2B9}H:\pacific\bsp.exe" = protocol=6 | dir=in | app=h:\pacific\bsp.exe |
"TCP Query User{1D924DB9-E8B6-48C9-B6A4-F7828951435F}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe |
"TCP Query User{2219EFE3-D4DA-4CEC-AA08-1A709970A0F3}H:\splinter cell\src\system\conviction_game.exe" = protocol=6 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"TCP Query User{2819041E-1007-4D76-A5B8-BFF7EE5735D9}H:\dirt\dirt.exe" = protocol=6 | dir=in | app=h:\dirt\dirt.exe |
"TCP Query User{2B623384-1839-49F9-999F-4D90CBEAE077}H:\call of duty 2\steam.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steam.exe |
"TCP Query User{2D5C1848-4BB2-47C1-865C-99BCD44B8E2B}H:\medal of honor airborne\mohpa.exe" = protocol=6 | dir=in | app=h:\medal of honor airborne\mohpa.exe |
"TCP Query User{380E60BC-4DBD-4DF2-B18C-CAD27A68DEC0}H:\dead space\dead space.exe" = protocol=6 | dir=in | app=h:\dead space\dead space.exe |
"TCP Query User{497B154C-1C6F-40D8-9D80-288DE79EE257}H:\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"TCP Query User{4E4EA0B2-1D1A-4345-BBCC-11063E84BDF6}H:\call of duty 2\iw4mp.exe" = protocol=6 | dir=in | app=h:\call of duty 2\iw4mp.exe |
"TCP Query User{50208676-F8F1-4E2A-B24B-C974FD9E20AD}H:\dark sector\dark sector\ds.exe" = protocol=6 | dir=in | app=h:\dark sector\dark sector\ds.exe |
"TCP Query User{57BBD0EA-A538-46AA-9B0C-894BC594C2D5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{5894674D-F1C6-40CF-BB7F-024EEEEB7B45}H:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"TCP Query User{59CEF0FB-C6B2-428A-BC1B-3BE550DE3DA0}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"TCP Query User{7A0CD7D0-7D5F-41D5-ACC4-00636668D895}H:\splinter cell\src\system\uplaybrowser.exe" = protocol=6 | dir=in | app=h:\splinter cell\src\system\uplaybrowser.exe |
"TCP Query User{7D38CABC-2AB3-4F03-B59F-61E40DFDD049}H:\crysis\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"TCP Query User{83DAACAE-42F8-46EF-B27B-AF5D9C6E0F36}D:\formule\f1_2010_game.exe" = protocol=6 | dir=in | app=d:\formule\f1_2010_game.exe |
"TCP Query User{8456E58F-C73A-41D2-B34B-1821EA37229F}H:\moho 2010\mp\mohmpgame.exe" = protocol=6 | dir=in | app=h:\moho 2010\mp\mohmpgame.exe |
"TCP Query User{8772E300-A60C-4F90-9678-5327E3C27AC6}H:\bulletstorm\binaries\win32\shippingpc-stormgame.exe" = protocol=6 | dir=in | app=h:\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"TCP Query User{8F47FDFB-A72A-408B-9308-B98DCE5CFDC2}H:\driver\driver.exe" = protocol=6 | dir=in | app=h:\driver\driver.exe |
"TCP Query User{9B98C968-81E4-415E-9858-A22A3807ECA4}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"TCP Query User{A8DA6192-7672-49A3-BE61-8B5417877E33}H:\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"TCP Query User{B31FE4CA-705A-4379-817B-8D1CC8457A16}H:\dirt\dirt.exe" = protocol=6 | dir=in | app=h:\dirt\dirt.exe |
"TCP Query User{BE857ACE-C30B-494D-931E-90ED8E525280}H:\proun\proun beta\proun.exe" = protocol=6 | dir=in | app=h:\proun\proun beta\proun.exe |
"TCP Query User{C88C513F-10F2-45FC-ABE3-527F143CB788}H:\call of duty 2\iw4mpold.exe" = protocol=6 | dir=in | app=h:\call of duty 2\iw4mpold.exe |
"TCP Query User{C91D54E3-2284-49D4-9516-5F96727846FC}H:\crysis\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"TCP Query User{CF47895F-B44A-40AF-8FC1-B3DD31406F15}H:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe |
"TCP Query User{CFDF17C0-9FE5-4ABA-BED5-2A23F28708F5}H:\medal\mohaa.exe" = protocol=6 | dir=in | app=h:\medal\mohaa.exe |
"TCP Query User{D250DD0A-ADAE-49B9-982B-713ED3B084C2}D:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{D8C38FF7-CD2F-4019-ADF9-5378EFCE12A1}H:\red faction\rfg.exe" = protocol=6 | dir=in | app=h:\red faction\rfg.exe |
"TCP Query User{DBD22AC9-6CA9-42FD-BCF5-9FAADC965778}H:\battlefield 2\bfbc2game.exe" = protocol=6 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"TCP Query User{E151E8F2-C7B2-40D5-9BA1-0FF9BDBC42BA}H:\dead space\dead space.exe" = protocol=6 | dir=in | app=h:\dead space\dead space.exe |
"TCP Query User{EEE18BBC-361D-404A-BE2F-230EA99C7F05}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{F032B222-A290-4476-AFD1-B3C8EA405E61}H:\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=h:\anno 1404\tools\anno4web.exe |
"UDP Query User{0BD8BF60-1B4F-4D6B-AB40-75313B1EA755}H:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\left 4 dead\left4dead.exe |
"UDP Query User{1026D6B0-4D77-4931-A258-B7FDA9A47A64}H:\dirt\dirt.exe" = protocol=17 | dir=in | app=h:\dirt\dirt.exe |
"UDP Query User{13931D50-8315-4861-B5A5-F53CEC6D01C1}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{1D651652-9D83-4A37-A4B2-56D503F89B5E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{236985CD-CC6B-4E3F-8E9D-F6652047AEFD}H:\moho 2010\mp\mohmpgame.exe" = protocol=17 | dir=in | app=h:\moho 2010\mp\mohmpgame.exe |
"UDP Query User{28E31D30-F230-4C40-A34C-46E35F196FD6}H:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\saints row the third\saintsrowthethird.exe |
"UDP Query User{41D943BF-9AF0-4DA0-B365-BA15B2C27917}H:\crysis\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"UDP Query User{463AD9D8-6D28-4B70-B77A-2EEF48133209}H:\dead space\dead space.exe" = protocol=17 | dir=in | app=h:\dead space\dead space.exe |
"UDP Query User{475D8B38-6002-4999-AA91-6EB0711D156A}H:\red faction\rfg.exe" = protocol=17 | dir=in | app=h:\red faction\rfg.exe |
"UDP Query User{4C0933F9-6083-48BC-9FD8-D9C20507AD88}H:\medal of honor airborne\mohpa.exe" = protocol=17 | dir=in | app=h:\medal of honor airborne\mohpa.exe |
"UDP Query User{4DA2D42E-DABA-46D6-BF23-FC2229D457F3}H:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"UDP Query User{54A01136-AA99-4D74-BD4B-E0B51D7477A1}C:\program files (x86)\gigabyte\et6\updexe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\et6\updexe.exe |
"UDP Query User{57BEE8F1-A422-4F91-A673-A5C1CFC0EF76}H:\proun\proun beta\proun.exe" = protocol=17 | dir=in | app=h:\proun\proun beta\proun.exe |
"UDP Query User{58770265-A138-4797-81C6-C5BD8916B71B}H:\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"UDP Query User{5E76FAE0-D8CD-4530-8A39-914EDE870AE4}H:\crysis\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=h:\crysis\bin32\crysis2demo.exe |
"UDP Query User{5EE4F2E4-F444-4A8D-90A9-2300F22DDBD2}H:\splinter cell\src\system\uplaybrowser.exe" = protocol=17 | dir=in | app=h:\splinter cell\src\system\uplaybrowser.exe |
"UDP Query User{71CDE8E3-CC6C-46B4-8F7A-DA238B68ACC8}H:\bulletstorm\binaries\win32\shippingpc-stormgame.exe" = protocol=17 | dir=in | app=h:\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"UDP Query User{77B46A9E-B45E-489E-8765-6D995053C91C}H:\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=h:\anno 1404\tools\anno4web.exe |
"UDP Query User{791863EE-4349-4FB5-B731-CFAD0B3CB074}H:\dark sector\dark sector\ds.exe" = protocol=17 | dir=in | app=h:\dark sector\dark sector\ds.exe |
"UDP Query User{7CF2C035-0294-4C19-8707-921CEBD0561F}H:\splinter cell\src\system\conviction_game.exe" = protocol=17 | dir=in | app=h:\splinter cell\src\system\conviction_game.exe |
"UDP Query User{81857E1B-3A5E-4B26-9248-4CC4F58417A8}H:\pacific\bsp.exe" = protocol=17 | dir=in | app=h:\pacific\bsp.exe |
"UDP Query User{8280B810-84EC-40EC-8656-6C589F681703}H:\call of duty 2\steam.exe" = protocol=17 | dir=in | app=h:\call of duty 2\steam.exe |
"UDP Query User{865C1277-C4A7-4CC4-9706-04F78CF2E4BF}H:\call of duty 2\iw4mpold.exe" = protocol=17 | dir=in | app=h:\call of duty 2\iw4mpold.exe |
"UDP Query User{948D6C70-41B8-4400-A86F-60D77D7C4B4A}H:\dead space\dead space.exe" = protocol=17 | dir=in | app=h:\dead space\dead space.exe |
"UDP Query User{96A07E13-1C28-4981-BD07-028D24BA5877}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"UDP Query User{9DE58EB1-BE99-4A39-B8B0-AF1F330E3E07}D:\formule\f1_2010_game.exe" = protocol=17 | dir=in | app=d:\formule\f1_2010_game.exe |
"UDP Query User{A2A7D1CC-F9FB-4E4B-8E19-51D6D5EA2C6F}H:\driver\driver.exe" = protocol=17 | dir=in | app=h:\driver\driver.exe |
"UDP Query User{B78CB7D9-5F22-4B6F-9D83-A2CB98E835A0}H:\medal\mohaa.exe" = protocol=17 | dir=in | app=h:\medal\mohaa.exe |
"UDP Query User{BDC3E35D-CC61-49FB-B021-EA99DD73670D}D:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{D60BA584-D5D6-4557-B3B0-2F961859808A}H:\zaklínač 2\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=h:\zaklínač 2\the witcher 2\bin\witcher2.exe |
"UDP Query User{D96C585E-1AFE-473C-A9BA-4A12F8BC75BE}H:\dirt\dirt.exe" = protocol=17 | dir=in | app=h:\dirt\dirt.exe |
"UDP Query User{E3EA7971-6FD4-4708-A67A-11E47C3E66B1}H:\battlefield 2\bfbc2game.exe" = protocol=17 | dir=in | app=h:\battlefield 2\bfbc2game.exe |
"UDP Query User{FBBF26F2-C689-4CEE-9E7C-3AD5786F033A}H:\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=h:\crysis 2\bin32\crysis2.exe |
"UDP Query User{FECC39F0-7C42-430B-BA97-C1410CDF6C4E}H:\call of duty 2\iw4mp.exe" = protocol=17 | dir=in | app=h:\call of duty 2\iw4mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{91A8C38A-0239-11E0-9658-189EDFD72085}" = M-Audio FastTrack Driver 6.0.6 (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.15
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2226247D-9846-4370-A1EF-FAA6958F7632}" = Sound Blaster Tactic(3D) Alpha
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{54510837-BD04-4C32-9676-DB1000038201}" = Red Faction: Guerrilla
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DEDF2885-0086-4534-9912-F9B97377ED07}" = AGEIA GAME System Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EEA080A7-4331-4593-A071-D0862A8178B9}" = ASUS nVidia Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C0221D-1DCD-487A-A3D1-E0C5B954F1DC}" = OpenOffice.org 3.4
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DVDFab 6_is1" = DVDFab 6.0.7.0 (18/09/2009)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.01
"Fraps" = Fraps (remove only)
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8
"GameParkClient_is1" = GamePark
"Glary Utilities_is1" = Glary Utilities 2.21.0.863
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Line 6 Uninstaller" = Line 6 Uninstaller
"Mozilla Thunderbird (6.0.2)" = Mozilla Thunderbird (6.0.2)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"Proun Beta" = Proun Beta
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MP240 series" = Registrace uživatele zařízení Canon MP240 series
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 55230" = Saints Row: The Third
"Steam App 8190" = Just Cause 2
"SysInfo" = Creative System Information
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4013968606-3250866645-994530466-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"H.S.M Custom Maps Expansion v1.0" = H.S.M Custom Maps Expansion v1.0
"H.S.M Custom Maps Expansion v2.0" = H.S.M Custom Maps Expansion v2.0
"H.S.M Custom Maps Expansion v3.0" = H.S.M Custom Maps Expansion v3.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.6.2011 8:36:37 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xed8 Čas spuštění chybující aplikace: 0x01cc33fdae94fb91 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: eeb610fc-9ff0-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 8:36:54 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x00000000001151de
ID
chybujícího procesu: 0x260 Čas spuštění chybující aplikace: 0x01cc33fdb9d50d8a Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: f8c51510-9ff0-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 8:37:06 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xf28 Čas spuštění chybující aplikace: 0x01cc33fdc1092bfc Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: ffd0103d-9ff0-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 8:37:26 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xf30 Čas spuštění chybující aplikace: 0x01cc33fdccd13a78 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 0bec49a3-9ff1-11e0-9d1f-6cf0495d520c
Error - 26.6.2011 10:21:36 | Computer Name = MEK-PC | Source = Application Hang | ID = 1002
Description = Program gameparkclient.exe verze 1.1.0.24 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 1374 Čas spuštění: 01cc340c37ed24aa Čas ukončení: 0 Cesta k aplikaci: D:\GamePark\gameparkclient.exe
ID
hlášení:
Error - 28.6.2011 11:01:15 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: swg64.dll, verze: 5.6.6209.1144, časové
razítko: 0x4d52ef71 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000024b50 ID chybujícího
procesu: 0x908 Čas spuštění chybující aplikace: 0x01cc35a439512bb3 Cesta k chybující
aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu modulu:
C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll ID zprávy:
77a919a7-a197-11e0-b810-6cf0495d520c
Error - 30.6.2011 11:48:50 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: F1_2010_game.exe, verze: 1.1.1.129, časové
razítko: 0x4cbea443 Název chybujícího modulu: F1_2010_game.exe, verze: 1.1.1.129,
časové razítko: 0x4cbea443 Kód výjimky: 0xc0000005 Posun chyby: 0x0028b3c2 ID chybujícího
procesu: 0xec8 Čas spuštění chybující aplikace: 0x01cc373b17ae2c1b Cesta k chybující
aplikaci: D:\FORMULE\F1_2010_game.exe Cesta k chybujícímu modulu: D:\FORMULE\F1_2010_game.exe
ID
zprávy: 7295b201-a330-11e0-9cd7-6cf0495d520c
Error - 30.6.2011 13:06:23 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x00000000001151bf
ID
chybujícího procesu: 0xab4 Čas spuštění chybující aplikace: 0x01cc3747874ad785 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 47ed31e4-a33b-11e0-9cd7-6cf0495d520c
Error - 16.7.2011 9:46:37 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0xa98 Čas spuštění chybující aplikace: 0x01cc43b9a2342e6e Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 0657bc7a-afb2-11e0-89ef-6cf0495d520c
Error - 28.7.2011 0:22:39 | Computer Name = MEK-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16722, časové
razítko: 0x4d0c3535 Název chybujícího modulu: Flash64_10_2_161.ocx, verze: 10.2.161.23,
časové razítko: 0x4c93eedb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000014e9d0
ID
chybujícího procesu: 0x5ec Čas spuštění chybující aplikace: 0x01cc4cddcf5d1040 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\system32\Macromed\Flash\Flash64_10_2_161.ocx ID zprávy: 3a4f68c8-b8d1-11e0-b569-6cf0495d520c
[ Media Center Events ]
Error - 23.2.2011 2:16:40 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 7:16:40 - Chyba při připojování k Internetu 7:16:40 - Nelze kontaktovat
server..
Error - 23.2.2011 2:16:50 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 7:16:46 - Chyba při připojování k Internetu 7:16:46 - Nelze kontaktovat
server..
Error - 10.3.2011 3:11:42 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 8:11:42 - Chyba při připojování k Internetu 8:11:42 - Nelze kontaktovat
server..
Error - 10.3.2011 3:11:52 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 8:11:48 - Chyba při připojování k Internetu 8:11:48 - Nelze kontaktovat
server..
Error - 10.3.2011 4:11:57 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 9:11:57 - Chyba při připojování k Internetu 9:11:57 - Nelze kontaktovat
server..
Error - 10.3.2011 4:12:03 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 9:12:02 - Chyba při připojování k Internetu 9:12:02 - Nelze kontaktovat
server..
Error - 11.3.2011 1:53:24 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:53:24 - Chyba při připojování k Internetu 6:53:24 - Nelze kontaktovat
server..
Error - 11.3.2011 1:53:34 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:53:30 - Chyba při připojování k Internetu 6:53:30 - Nelze kontaktovat
server..
Error - 12.3.2011 1:39:31 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:39:31 - Chyba při připojování k Internetu 6:39:31 - Nelze kontaktovat
server..
Error - 12.3.2011 1:39:40 | Computer Name = MEK-PC | Source = MCUpdate | ID = 0
Description = 6:39:36 - Chyba při připojování k Internetu 6:39:36 - Nelze kontaktovat
server..
[ System Events ]
Error - 10.6.2012 8:36:14 | Computer Name = MEK-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 10.6.2012 8:36:15 | Computer Name = MEK-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 10.6.2012 8:36:15 | Computer Name = MEK-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 11.6.2012 2:58:29 | Computer Name = MEK-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 11.6.2012 3:20:53 | Computer Name = MEK-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).
Error - 11.6.2012 12:12:34 | Computer Name = MEK-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 12.6.2012 3:53:50 | Computer Name = MEK-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 12.6.2012 12:01:03 | Computer Name = MEK-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:43:50, ?12.?6.?2012) bylo neočekávané.
Error - 14.6.2012 1:31:45 | Computer Name = MEK-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.
Error - 14.6.2012 14:24:33 | Computer Name = MEK-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >
Re: Request for a preventive check

- One of them absolutely has to go
- I recommend keeping Avast
- If you want to remove Avast, use this: http://files.avast.com/files/eng/aswclear.exe
- If you want to remove MSE, use this: http://go.microsoft.com/?linkid=9748340 and then this: http://download.microsoft.com/download/ ... leanUp.exe

- If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
- Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
Code:
:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {3d8ff719-f23c-4130-bde1-61ed2cc017b0} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {ad708c09-d51b-45b3-9d28-4eba2681febf} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes,DefaultScope = {1DEEE8FB-E35D-4604-824C-343A7750D71E}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{1DEEE8FB-E35D-4604-824C-343A7750D71E}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{584EB9F3-402E-4A6E-BCE5-54C420D65A79}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=05514CF2-2611-4247-99C6-2A6740E9050A&apn_sauid=E22840D3-071C-402A-96DB-2C2E8042F01A
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{ABF02DD4-EF66-43ee-A3E8-9ED4F999FBBE}: "URL" = http://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415
IE - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4013968606-3250866645-994530466-1001\..Trusted Domains: line6.net ([]* in Trusted sites)
O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (Reg Error: Key error.)
O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{ba3c9fca-ddbe-11df-80ac-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e7ac3443-29f0-11e0-bfd4-806e6f6e6963}\Shell - "" = AutoRun
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2012.06.17 05:59:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.06.17 05:54:28 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.06.17 05:54:25 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.06.17 06:00:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.06.12 17:36:40 | 000,000,494 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for MEK.job
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0

:services
gupdate
gupdatem

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=-
"ISUSPM"=-
"DriverScanner"=-
"CreativeTaskScheduler"=-
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
H:\CALL OF DUTY 2\steam.exe [2011-08-04 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=-
"Adobe Reader Speed Launcher"=-
"SunJavaUpdateSched"=-
"Adobe ARM"=-

:files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
- Then click Run Fix (Opravit)
- The PC will carry out the fix, restart, and give you a log; paste its contents here
- Taller
Re: Request for a preventive check
I ran OTL, entered the script and ran the fix....
Re: Request for a preventive check
Fine, please post the log from after it was applied
- Taller
Re: Request for a preventive check
After launching, OTL (Not Responding)
Re: Request for a preventive check
Do it in safe mode (restart the PC, keep pressing F8, choose Safe Mode with Networking)
- Taller
Re: Request for a preventive check
OTL does not work in safe mode either.
Re: Request for a preventive check
Please post a new RSIT log
- Taller
Re: Request for a preventive check
Logfile of random's system information tool 1.09 (written by random/random)
Run by MEK at 2012-06-18 17:03:06
Microsoft Windows 7 Home Premium
System drive C: has 3 GB (6%) free of 52 GB
Total RAM: 6139 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:03:08, on 18.6.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
H:\ZÁLOHA\Saved Games\LWEMon.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\MEK.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Start WingMan Profiler] "H:\ZÁLOHA\Saved Games\lwemon.exe" /noui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9932 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {7A9C54A7-FA77-4FB8-8283-84A5CB80C1E7}
taskeng.exe {B748CCC1-D722-4B69-9A7C-0EA8A72306E7}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2232
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\M-AudioTaskBarIcon.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"H:\ZÁLOHA\Saved Games\LWEMon.exe" /noui
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3784 CREDAT:203009
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\MEK\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-18 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-01 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-01 59168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-08 9642528]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-12-07 798728]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=H:\ZÁLOHA\Saved Games\lwemon.exe [2003-08-07 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
H:\CALL OF DUTY 2\steam.exe [2011-08-04 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-06-17 19:30:27 ----DC---- C:\_OTL
2012-06-15 13:04:37 ----DC---- C:\rsit
2012-06-15 13:04:37 ----D---- C:\Program Files\trend micro
2012-06-12 13:39:06 ----D---- C:\ProgramData\THQ
2012-06-05 20:36:38 ----A---- C:\Windows\system32\FntCache.dll
2012-06-05 06:28:29 ----D---- C:\Windows\SYSWOW64\Wat
2012-06-05 06:28:29 ----D---- C:\Windows\system32\Wat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\admparse.dll
2012-06-05 06:00:40 ----D---- C:\Windows\system32\SPReview
2012-06-05 06:00:12 ----D---- C:\Windows\system32\EventProviders
2012-06-05 05:50:17 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wintrust.dll
2012-06-05 05:10:49 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-06-05 05:10:49 ----A---- C:\Windows\system32\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d2d1.dll
2012-06-05 05:10:27 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-06-05 05:10:27 ----A---- C:\Windows\system32\quartz.dll
2012-06-05 05:10:26 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-05 05:10:26 ----A---- C:\Windows\system32\qdvd.dll
2012-06-05 05:10:23 ----A---- C:\Windows\system32\shell32.dll
2012-06-05 05:10:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-06-05 05:10:21 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-06-05 05:10:21 ----A---- C:\Windows\system32\ntshrui.dll
2012-06-05 05:10:20 ----A---- C:\Windows\system32\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspisrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsass.exe
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsasrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\cng.sys
2012-06-05 05:10:18 ----A---- C:\Windows\system32\csrsrv.dll
2012-06-05 05:10:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-05 05:10:14 ----A---- C:\Windows\system32\win32k.sys
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-05 05:09:45 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-06-05 05:09:45 ----A---- C:\Windows\system32\prevhost.exe
2012-06-05 05:09:41 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-06-05 05:09:40 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\storport.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-06-05 05:09:37 ----A---- C:\Windows\system32\drivers\afd.sys
2012-06-05 05:09:36 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-06-05 05:09:27 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-06-05 05:09:27 ----A---- C:\Windows\system32\msvcrt.dll
2012-06-05 05:09:26 ----A---- C:\Windows\system32\EncDec.dll
2012-06-05 05:09:25 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-06-05 05:09:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-06-05 05:09:21 ----A---- C:\Windows\system32\tzres.dll
2012-06-05 05:06:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-06-05 05:06:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-06-05 05:06:22 ----A---- C:\Windows\system32\ntdll.dll
2012-06-05 05:06:19 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-06-05 05:06:19 ----A---- C:\Windows\system32\packager.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-04 20:47:58 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-01 13:26:34 ----D---- C:\ProgramData\Ask
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\java.exe
2012-05-31 18:17:41 ----A---- C:\Windows\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2012-05-24 06:31:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-24 05:55:13 ----D---- C:\Windows\SYSWOW64\Adobe
======List of files/folders modified in the last 1 month======
2012-06-18 17:03:07 ----D---- C:\Windows\Temp
2012-06-18 16:57:51 ----D---- C:\ProgramData\NVIDIA
2012-06-18 11:57:16 ----A---- C:\Windows\ntbtlog.txt
2012-06-18 06:00:03 ----D---- C:\Windows\Prefetch
2012-06-17 20:08:14 ----D---- C:\Windows\system32\NDF
2012-06-17 19:30:28 ----SHD---- C:\Windows\Installer
2012-06-17 19:30:28 ----D---- C:\Windows\Tasks
2012-06-17 19:30:28 ----D---- C:\Windows\SysWOW64
2012-06-17 19:30:28 ----D---- C:\Windows\Downloaded Program Files
2012-06-17 19:30:28 ----D---- C:\Windows
2012-06-17 19:30:28 ----D---- C:\Program Files (x86)\ConduitEngine
2012-06-17 18:45:37 ----D---- C:\Windows\system32\Tasks
2012-06-17 18:45:25 ----SHD---- C:\System Volume Information
2012-06-17 12:59:50 ----D---- C:\Windows\system32\catroot2
2012-06-15 13:04:37 ----RD---- C:\Program Files
2012-06-12 20:31:04 ----D---- C:\Windows\system32\config
2012-06-12 13:39:06 ----HD---- C:\ProgramData
2012-06-11 08:37:43 ----D---- C:\Windows\System32
2012-06-11 08:37:43 ----D---- C:\Windows\inf
2012-06-11 08:37:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-08 08:13:21 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-06-08 08:13:17 ----RSD---- C:\Windows\assembly
2012-06-08 08:12:46 ----RSD---- C:\Windows\Fonts
2012-06-08 08:10:06 ----D---- C:\Windows\winsxs
2012-06-08 07:35:22 ----D---- C:\ProgramData\CanonIJPLM
2012-06-06 11:13:25 ----D---- C:\Windows\Microsoft.NET
2012-06-05 20:36:32 ----D---- C:\Windows\system32\catroot
2012-06-05 17:36:08 ----D---- C:\Windows\rescache
2012-06-05 14:06:14 ----D---- C:\ProgramData\Ubisoft
2012-06-05 13:51:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-05 06:28:32 ----D---- C:\Windows\ehome
2012-06-05 06:28:32 ----D---- C:\Program Files\Common Files\System
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\migration
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\system32\drivers
2012-06-05 06:28:31 ----D---- C:\Windows\system32\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\AppPatch
2012-06-05 06:28:31 ----D---- C:\Program Files\Internet Explorer
2012-06-05 06:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-05 06:28:30 ----D---- C:\Windows\system32\migration
2012-06-05 06:28:30 ----D---- C:\Windows\system32\en-US
2012-06-05 06:28:30 ----D---- C:\Windows\PolicyDefinitions
2012-06-05 06:28:28 ----D---- C:\Program Files\Windows Journal
2012-06-05 06:28:26 ----D---- C:\Windows\system32\DriverStore
2012-06-05 06:16:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-06-05 06:09:32 ----D---- C:\Windows\Logs
2012-06-03 05:34:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-06-01 17:37:29 ----RD---- C:\Program Files (x86)
2012-06-01 14:18:48 ----D---- C:\Program Files\Bonjour
2012-06-01 14:18:48 ----D---- C:\Program Files (x86)\Bonjour
2012-06-01 13:26:50 ----D---- C:\Program Files (x86)\Common Files
2012-06-01 13:25:13 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-06-01 13:13:59 ----D---- C:\Windows\pss
2012-05-31 17:02:16 ----D---- C:\ProgramData\CanonIJ
2012-05-31 16:53:08 ----D---- C:\Windows\system32\FxsTmp
2012-05-22 16:52:42 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-05-20 17:12:09 ----D---- C:\Program Files\Google
2012-05-20 17:12:09 ----D---- C:\Program Files (x86)\Google
2012-05-20 14:51:57 ----D---- C:\ProgramData\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-11 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-01-11 314016]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-01-11 43680]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-08 2223392]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-01-24 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 a1iimbjh;a1iimbjh; C:\Windows\system32\drivers\a1iimbjh.sys []
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-09-23 30528]
S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2011-06-21 768128]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2010-12-07 187912]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUSB;Alpha; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
S3 XENfiltv;XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-05-20 286720]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-02-14 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-10-04 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-04 79360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-05-31 529232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-05 1255736]
S4 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Run by MEK at 2012-06-18 17:03:06
Microsoft Windows 7 Home Premium
System drive C: has 3 GB (6%) free of 52 GB
Total RAM: 6139 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:03:08, on 18.6.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
H:\ZÁLOHA\Saved Games\LWEMon.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\MEK.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Start WingMan Profiler] "H:\ZÁLOHA\Saved Games\lwemon.exe" /noui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4013968606-3250866645-994530466-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9932 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {7A9C54A7-FA77-4FB8-8283-84A5CB80C1E7}
taskeng.exe {B748CCC1-D722-4B69-9A7C-0EA8A72306E7}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2232
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\M-AudioTaskBarIcon.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"H:\ZÁLOHA\Saved Games\LWEMon.exe" /noui
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3784 CREDAT:203009
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\MEK\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-18 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-01 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-01 59168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-08 9642528]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-12-07 798728]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=H:\ZÁLOHA\Saved Games\lwemon.exe [2003-08-07 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
H:\CALL OF DUTY 2\steam.exe [2011-08-04 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-06-17 19:30:27 ----DC---- C:\_OTL
2012-06-15 13:04:37 ----DC---- C:\rsit
2012-06-15 13:04:37 ----D---- C:\Program Files\trend micro
2012-06-12 13:39:06 ----D---- C:\ProgramData\THQ
2012-06-05 20:36:38 ----A---- C:\Windows\system32\FntCache.dll
2012-06-05 06:28:29 ----D---- C:\Windows\SYSWOW64\Wat
2012-06-05 06:28:29 ----D---- C:\Windows\system32\Wat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wininet.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\wextract.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\webcheck.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\vbscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\urlmon.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\url.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\pngfilt.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\occache.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msrating.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msls31.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmler.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshtml.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\mshta.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedssync.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\msfeeds.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\licmgr10.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript9.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\jscript.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\inseng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\imgutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iexpress.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesysprep.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iesetup.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iertutil.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iernonce.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iepeers.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieframe.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\iedkcs32.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieapfltr.dat
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakui.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieaksie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ieakeng.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\ie4uinit.exe
2012-06-05 06:08:31 ----A---- C:\Windows\system32\icardie.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtrans.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\dxtmsft.dll
2012-06-05 06:08:31 ----A---- C:\Windows\system32\admparse.dll
2012-06-05 06:00:40 ----D---- C:\Windows\system32\SPReview
2012-06-05 06:00:12 ----D---- C:\Windows\system32\EventProviders
2012-06-05 05:50:17 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\imagehlp.dll
2012-06-05 05:50:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wmi.dll
2012-06-05 05:50:16 ----A---- C:\Windows\system32\wintrust.dll
2012-06-05 05:10:49 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-06-05 05:10:49 ----A---- C:\Windows\system32\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10warp.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d3d10_1.dll
2012-06-05 05:10:48 ----A---- C:\Windows\system32\d2d1.dll
2012-06-05 05:10:27 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-06-05 05:10:27 ----A---- C:\Windows\system32\quartz.dll
2012-06-05 05:10:26 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-05 05:10:26 ----A---- C:\Windows\system32\qdvd.dll
2012-06-05 05:10:23 ----A---- C:\Windows\system32\shell32.dll
2012-06-05 05:10:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-06-05 05:10:21 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-06-05 05:10:21 ----A---- C:\Windows\system32\ntshrui.dll
2012-06-05 05:10:20 ----A---- C:\Windows\system32\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-06-05 05:10:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\webio.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspisrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\sspicli.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\secur32.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsass.exe
2012-06-05 05:10:19 ----A---- C:\Windows\system32\lsasrv.dll
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-06-05 05:10:19 ----A---- C:\Windows\system32\drivers\cng.sys
2012-06-05 05:10:18 ----A---- C:\Windows\system32\csrsrv.dll
2012-06-05 05:10:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-05 05:10:14 ----A---- C:\Windows\system32\win32k.sys
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-05 05:10:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-05 05:09:45 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-06-05 05:09:45 ----A---- C:\Windows\system32\prevhost.exe
2012-06-05 05:09:41 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\esent.dll
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-06-05 05:09:41 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-06-05 05:09:40 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\fsutil.exe
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\storport.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-06-05 05:09:40 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-06-05 05:09:37 ----A---- C:\Windows\system32\drivers\afd.sys
2012-06-05 05:09:36 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-06-05 05:09:31 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-06-05 05:09:27 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-06-05 05:09:27 ----A---- C:\Windows\system32\msvcrt.dll
2012-06-05 05:09:26 ----A---- C:\Windows\system32\EncDec.dll
2012-06-05 05:09:25 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-06-05 05:09:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-06-05 05:09:21 ----A---- C:\Windows\system32\tzres.dll
2012-06-05 05:06:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-06-05 05:06:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-06-05 05:06:22 ----A---- C:\Windows\system32\ntdll.dll
2012-06-05 05:06:19 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-06-05 05:06:19 ----A---- C:\Windows\system32\packager.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-04 20:47:59 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-04 20:47:58 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\rdpcore.dll
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-06-04 20:47:58 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-01 13:26:34 ----D---- C:\ProgramData\Ask
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-06-01 13:25:18 ----A---- C:\Windows\SYSWOW64\java.exe
2012-05-31 18:17:41 ----A---- C:\Windows\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2012-05-24 06:31:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-24 05:55:13 ----D---- C:\Windows\SYSWOW64\Adobe
======List of files/folders modified in the last 1 month======
2012-06-18 17:03:07 ----D---- C:\Windows\Temp
2012-06-18 16:57:51 ----D---- C:\ProgramData\NVIDIA
2012-06-18 11:57:16 ----A---- C:\Windows\ntbtlog.txt
2012-06-18 06:00:03 ----D---- C:\Windows\Prefetch
2012-06-17 20:08:14 ----D---- C:\Windows\system32\NDF
2012-06-17 19:30:28 ----SHD---- C:\Windows\Installer
2012-06-17 19:30:28 ----D---- C:\Windows\Tasks
2012-06-17 19:30:28 ----D---- C:\Windows\SysWOW64
2012-06-17 19:30:28 ----D---- C:\Windows\Downloaded Program Files
2012-06-17 19:30:28 ----D---- C:\Windows
2012-06-17 19:30:28 ----D---- C:\Program Files (x86)\ConduitEngine
2012-06-17 18:45:37 ----D---- C:\Windows\system32\Tasks
2012-06-17 18:45:25 ----SHD---- C:\System Volume Information
2012-06-17 12:59:50 ----D---- C:\Windows\system32\catroot2
2012-06-15 13:04:37 ----RD---- C:\Program Files
2012-06-12 20:31:04 ----D---- C:\Windows\system32\config
2012-06-12 13:39:06 ----HD---- C:\ProgramData
2012-06-11 08:37:43 ----D---- C:\Windows\System32
2012-06-11 08:37:43 ----D---- C:\Windows\inf
2012-06-11 08:37:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-08 08:13:21 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-06-08 08:13:17 ----RSD---- C:\Windows\assembly
2012-06-08 08:12:46 ----RSD---- C:\Windows\Fonts
2012-06-08 08:10:06 ----D---- C:\Windows\winsxs
2012-06-08 07:35:22 ----D---- C:\ProgramData\CanonIJPLM
2012-06-06 11:13:25 ----D---- C:\Windows\Microsoft.NET
2012-06-05 20:36:32 ----D---- C:\Windows\system32\catroot
2012-06-05 17:36:08 ----D---- C:\Windows\rescache
2012-06-05 14:06:14 ----D---- C:\ProgramData\Ubisoft
2012-06-05 13:51:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-05 06:28:32 ----D---- C:\Windows\ehome
2012-06-05 06:28:32 ----D---- C:\Program Files\Common Files\System
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\migration
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-05 06:28:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\system32\drivers
2012-06-05 06:28:31 ----D---- C:\Windows\system32\cs-CZ
2012-06-05 06:28:31 ----D---- C:\Windows\AppPatch
2012-06-05 06:28:31 ----D---- C:\Program Files\Internet Explorer
2012-06-05 06:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-05 06:28:30 ----D---- C:\Windows\system32\migration
2012-06-05 06:28:30 ----D---- C:\Windows\system32\en-US
2012-06-05 06:28:30 ----D---- C:\Windows\PolicyDefinitions
2012-06-05 06:28:28 ----D---- C:\Program Files\Windows Journal
2012-06-05 06:28:26 ----D---- C:\Windows\system32\DriverStore
2012-06-05 06:16:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-06-05 06:09:32 ----D---- C:\Windows\Logs
2012-06-03 05:34:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-06-01 17:37:29 ----RD---- C:\Program Files (x86)
2012-06-01 14:18:48 ----D---- C:\Program Files\Bonjour
2012-06-01 14:18:48 ----D---- C:\Program Files (x86)\Bonjour
2012-06-01 13:26:50 ----D---- C:\Program Files (x86)\Common Files
2012-06-01 13:25:13 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-06-01 13:13:59 ----D---- C:\Windows\pss
2012-05-31 17:02:16 ----D---- C:\ProgramData\CanonIJ
2012-05-31 16:53:08 ----D---- C:\Windows\system32\FxsTmp
2012-05-22 16:52:42 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-05-20 17:12:09 ----D---- C:\Program Files\Google
2012-05-20 17:12:09 ----D---- C:\Program Files (x86)\Google
2012-05-20 14:51:57 ----D---- C:\ProgramData\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-11 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-01-11 314016]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-01-11 43680]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-08 2223392]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-01-24 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 a1iimbjh;a1iimbjh; C:\Windows\system32\drivers\a1iimbjh.sys []
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-09-23 30528]
S3 L6PODLV;PODxt Live Service; C:\Windows\System32\Drivers\L6PODLV64.sys [2011-06-21 768128]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2010-12-07 187912]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUSB;Alpha; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
S3 XENfiltv;XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-05-20 286720]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-02-14 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-10-04 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-04 79360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-05-31 529232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-05 1255736]
S4 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: Request for a preventive check

- Start -> Run -> notepad
- Paste the text below
Code:
@echo off
rem Remove the Steam entry from the startup items disabled via msconfig
reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
rem Remove autostart values from the 32-bit Run key
reg delete "HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run" /v "Adobe Reader Speed Launcher" /f
reg delete "HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run" /v "SunJavaUpdateSched" /f
reg delete "HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run" /v "Adobe ARM" /f
rem Remove the shortcut from the all-users Startup folder
del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk"
- Save the file as del.bat
- When saving, set "Save as type" to All Files (the setting is shown in the picture below)
- Close Notepad and run del.bat by double-clicking it
- The window will just flash and do what it should; you can then delete the file

- Download and run
- Click CleanUp and confirm with YES
- The program will clean up and restart the PC

- Download and run
- Click Start and confirm with OK
- The program will clean up and restart the PC
- Delete the utility after use

Cleaner panel
- Leave everything as it is, just click Analyze and then Run Cleaner
- click Scan for Issues
- then Fix selected issues - I recommend making a registry backup; fix all the issues
- repeat the procedure until no issues are found - usually about 3 times
- Here you can uninstall programs you do not need


- Taller
- Visitor
- Posts: 24
- Registered: 04 Jun 2012 11:08
- Location: Brandýs nad Labem Stará Boleslav
Re: Request for a preventive check
Hello, the only thing I have noticed so far is that some videos on YouTube play without a picture (only a green color).
Re: Request for a preventive check
I would see that rather as a graphics card problem
Is it only the videos on YT that do this?
You could also try reinstalling Flash Player and the graphics card driver
And check whether the graphics card is seated firmly in its slot
