Suspected malware

Having a virus problem? Post your FRST or RSIT log here.

Yagami
Visitor
Posts: 30
Registered: 03 Jun 2009 13:52
Location: Tokio 3

Suspected malware

#1 Post by Yagami »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Envy at 2012-06-29 05:00:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 80 GB (34%) free of 238 GB
Total RAM: 8190 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:00:46, on 29.6.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Envy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 210.176.171.237:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7861 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {F19C2020-EBB9-4829-9D24-EF3BF75A6770}
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Users\Envy\AppData\Local\Temp\Rar$EX63.984\Core Temp.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Envy\Downloads\RSITx64.exe"
taskhost.exe $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Users\Envy\AppData\Roaming\Mozilla\Firefox\Profiles\lu3jn5q4.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Webzen.com/NPBrowserExt]
"Description"=WEBZEN Browser Extension Interface
"Path"=C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
libdivx.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
nppdf32.dll
npwachk.dll
ssldivx.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Envy\AppData\Roaming\Mozilla\Firefox\Profiles\lu3jn5q4.default\extensions\
anttoolbar@ant.com
staged

C:\Users\Envy\AppData\Roaming\Mozilla\Firefox\Profiles\lu3jn5q4.default\searchplugins\
aol-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-05-02 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-05-02 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-04-29 1242448]
"OscarEditor"=C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2010-07-22 2636800]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-04-12 445624]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-05-18 880496]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

C:\Users\Envy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files (x86)\Hamachi\hamachi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-29 05:00:33 ----D---- C:\rsit
2012-06-29 05:00:33 ----D---- C:\Program Files\trend micro
2012-06-24 14:19:33 ----D---- C:\Program Files\Dungeon Siege III
2012-06-20 00:33:15 ----D---- C:\Program Files (x86)\MP4Converter
2012-06-19 03:02:03 ----A---- C:\Windows\system32\wups2.dll
2012-06-19 03:02:03 ----A---- C:\Windows\system32\wucltux.dll
2012-06-19 03:02:03 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-19 03:02:03 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-19 03:01:52 ----A---- C:\Windows\system32\wups.dll
2012-06-19 03:01:52 ----A---- C:\Windows\system32\wudriver.dll
2012-06-19 03:01:52 ----A---- C:\Windows\system32\wuapi.dll
2012-06-19 03:01:42 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-19 03:01:42 ----A---- C:\Windows\system32\wuapp.exe
2012-06-17 00:44:04 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-17 00:44:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-17 00:44:04 ----A---- C:\Windows\system32\url.dll
2012-06-17 00:44:04 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-17 00:44:03 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-17 00:44:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-17 00:44:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-17 00:44:03 ----A---- C:\Windows\system32\urlmon.dll
2012-06-17 00:44:03 ----A---- C:\Windows\system32\ieui.dll
2012-06-17 00:44:03 ----A---- C:\Windows\system32\iertutil.dll
2012-06-17 00:44:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-17 00:44:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-17 00:44:02 ----A---- C:\Windows\system32\wininet.dll
2012-06-17 00:44:02 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-17 00:44:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-17 00:44:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-17 00:44:01 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-17 00:44:01 ----A---- C:\Windows\system32\jscript9.dll
2012-06-17 00:44:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-17 00:44:00 ----A---- C:\Windows\system32\jscript.dll
2012-06-17 00:43:59 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-17 00:43:58 ----A---- C:\Windows\system32\mshtml.dll
2012-06-17 00:43:58 ----A---- C:\Windows\system32\ieframe.dll
2012-06-17 00:43:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-17 00:42:01 ----A---- C:\Windows\system32\rdpcorets.dll
2012-06-17 00:42:01 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-17 00:42:00 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-17 00:42:00 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-17 00:42:00 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-17 00:41:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-17 00:41:56 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-17 00:41:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-17 00:41:38 ----A---- C:\Windows\system32\win32k.sys
2012-06-04 16:57:25 ----D---- C:\Program Files\GIMP 2

======List of files/folders modified in the last 1 month======

2012-06-29 05:00:45 ----D---- C:\Windows\Prefetch
2012-06-29 05:00:35 ----D---- C:\Windows\Temp
2012-06-29 05:00:33 ----RD---- C:\Program Files
2012-06-29 05:00:05 ----D---- C:\Users\Envy\AppData\Roaming\uTorrent
2012-06-29 04:46:43 ----D---- C:\Users\Envy\AppData\Roaming\Hamachi
2012-06-29 04:45:31 ----D---- C:\Users\Envy\AppData\Roaming\Skype
2012-06-29 04:44:50 ----D---- C:\Program Files (x86)\Steam
2012-06-29 04:30:05 ----D---- C:\Windows\system32\config
2012-06-28 22:41:13 ----D---- C:\Users\Envy\AppData\Roaming\XnView
2012-06-25 00:49:59 ----D---- C:\Program Files (x86)\Diablo III
2012-06-24 14:52:53 ----D---- C:\Windows\system32\catroot2
2012-06-24 12:37:54 ----D---- C:\Program Files (x86)\FRD-0.85-final
2012-06-20 15:31:49 ----D---- C:\Windows\rescache
2012-06-20 00:33:15 ----RD---- C:\Program Files (x86)
2012-06-19 11:34:39 ----D---- C:\Windows\winsxs
2012-06-19 11:34:17 ----D---- C:\Windows\system32\zh-CN
2012-06-19 11:34:17 ----D---- C:\Windows\system32\ru-RU
2012-06-19 11:34:17 ----D---- C:\Windows\system32\ja-JP
2012-06-19 11:34:17 ----D---- C:\Windows\system32\cs-CZ
2012-06-19 11:34:17 ----D---- C:\Windows\System32
2012-06-19 03:02:18 ----D---- C:\Windows\system32\catroot
2012-06-19 03:01:37 ----SHD---- C:\System Volume Information
2012-06-19 01:41:11 ----D---- C:\ProgramData\Media Center Programs
2012-06-19 01:35:40 ----SHD---- C:\Windows\Installer
2012-06-18 22:54:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-17 16:07:32 ----D---- C:\Windows\Microsoft.NET
2012-06-17 16:07:13 ----RSD---- C:\Windows\assembly
2012-06-17 14:50:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-17 05:13:06 ----D---- C:\Windows\SYSWOW64\migration
2012-06-17 05:13:06 ----D---- C:\Windows\SysWOW64
2012-06-17 05:13:06 ----D---- C:\Windows\system32\migration
2012-06-17 05:13:06 ----D---- C:\Windows\system32\drivers
2012-06-17 05:13:06 ----D---- C:\Program Files\Internet Explorer
2012-06-17 05:13:06 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-17 02:36:35 ----D---- C:\Windows\inf
2012-06-17 00:49:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-17 00:47:17 ----A---- C:\Windows\system32\MRT.exe
2012-06-14 17:33:53 ----D---- C:\ProgramData\Sony Ericsson
2012-06-14 17:33:51 ----D---- C:\Program Files (x86)\Sony Ericsson
2012-06-12 15:26:38 ----D---- C:\Windows\system32\Tasks
2012-06-12 15:26:25 ----D---- C:\Windows\Tasks
2012-06-12 15:26:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-06-07 15:09:16 ----D---- C:\Windows\system32\DriverStore
2012-06-03 22:26:41 ----D---- C:\Zástupci
2012-06-03 22:26:36 ----D---- C:\Program Files (x86)\uTorrent
2012-06-02 16:14:48 ----D---- C:\Program Files (x86)\Origin
2012-05-30 22:35:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R3 ALSysIO;ALSysIO; \??\C:\Users\Envy\AppData\Local\Temp\ALSysIO64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
S2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-01-12 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-01-12 27176]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-10-27 33344]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-12-10 75136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-07-04 403240]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Suspected malware

#2 Post by vyosek »

Hello, and have a nice day :)

May I ask why an ordinary user buys the top Windows Ultimate licence, which is intended more for large corporations, when they will not use anything beyond what the Home Premium edition offers? Or was it "bought" somewhere on the internet?

I assume you also have a purchased licence for NOD32?

What is your suspicion of malware based on?
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

Yagami
Návštěvník
Návštěvník
Příspěvky: 30
Registrován: 03 čer 2009 13:52
Bydliště: Tokio 3
Kontaktovat uživatele:

Re: Podezdření na Malware

#3 Příspěvek od Yagami »

Hello

I got Seven from an acquaintance as a volume licence, and NOD along with it.

The suspicion comes from someone having got into my Battle.net account and changing my login details a few hours after I tried to link a PayPal account to BN.

vyosek (VIP, 56373 posts, registered 07 Nov 2006, Šalingrad - Brno)

Re: Suspected malware

#4 Post by vyosek »

→ Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Run the update
  • Run a full scan - do not delete anything!
  • MBAM sometimes produces false positives, so paste the log into a post and wait for it to be assessed

Yagami (Guest, 30 posts, registered 03 Jun 2009, Tokio 3)

Re: Suspected malware

#5 Post by Yagami »

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Envy :: PURGATORY [administrator]

Protection: Enabled

30.6.2012 23:22:00
mbam-log-2012-07-01 (01-00-27).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 623426
Time elapsed: 1 hour(s), 28 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
B:\DoQ\SONY\Sony.Vegas.Pro.v10.Keygen.and.PatchFIX-[MART!K]\Vegas Pro 10 64bit F!x\Sony Audio Patch (64.bit).exe (PUP.Hacktool.Patcher) -> No action taken.
B:\DoQ\SONY\Sony.Vegas.Pro.v10.Keygen.and.PatchFIX-[MART!K]\Vegas Pro 10 64bit F!x\Sony Vegas Pro 10 Patch (64.bit).exe (PUP.Hacktool.Patcher) -> No action taken.

(end)

vyosek (VIP, 56373 posts, registered 07 Nov 2006, Šalingrad - Brno)

Re: Suspected malware

#6 Post by vyosek »

→ Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator
  • If you use a 64-bit OS, check that the "Include 64bit Scans" box is ticked; if not, tick it
  • Tick the box for scanning all users
  • Tick the "LOP Check" box
  • Tick the "Purity Check" box
  • Change "File Age" from 30 days to 7 days
  • Paste the script below into the bottom "Custom Scans/Fixes" box
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Run Scan" button
  • When the scan finishes (approx. 10 to 15 min) the logs OTL.txt and Extras.txt will appear; paste both here
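The `/md5start ... /md5stop` block and the `/md5` switch on the browser executables in the script above make OTL print the MD5 of each listed file; the reviewer then compares those values with the hashes of a clean copy of the same Windows build, because a patched userinit.exe, winlogon.exe, explorer.exe or browser binary is a common way for malware to persist. The following is an added example (not OTL's code and not from this thread) that does that comparison in Python for the same file list. It assumes you have a baseline built on a clean machine with the same Windows build and patch level (otherwise every legitimately updated file shows as a mismatch); the demo runs on constructed files in a temporary directory, and the function names are this example's own.

```python
"""Hash a set of critical Windows binaries and compare them with a known-good baseline.

Added example for this thread, not OTL's own code. OTL's /md5start ... /md5stop
block only prints each file's MD5; the comparison against a clean copy of the same
Windows build is done by the reviewer. This script does that comparison and records
SHA-256 alongside MD5, because MD5 alone is collision-prone.
"""
import hashlib
import tempfile
from pathlib import Path

# Same file list as the /md5start block in the OTL script above.
WATCHED = ["atapi.sys", "autochk.exe", "cdrom.sys", "explorer.exe", "hal.dll",
           "scecli.dll", "svchost.exe", "tcpip.sys", "userinit.exe", "winlogon.exe"]


def digests(path):
    """Return (md5, sha256) hex digests, streamed so large binaries are not read at once."""
    md5, sha = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            md5.update(chunk)
            sha.update(chunk)
    return md5.hexdigest(), sha.hexdigest()


def build_baseline(directory, names=WATCHED):
    """Hash `names` under `directory` on a CLEAN system: name -> (md5, sha256)."""
    base = Path(directory)
    return {n: digests(base / n) for n in names if (base / n).is_file()}


def verify(directory, baseline):
    """Compare files under `directory` with `baseline`; name -> 'ok' | 'MISMATCH' | 'MISSING'."""
    report = {}
    for name, (md5_ok, sha_ok) in baseline.items():
        p = Path(directory) / name
        if not p.is_file():
            report[name] = "MISSING"
            continue
        md5, sha = digests(p)
        # Both digests must agree: a file that matches MD5 but not SHA-256 would be a
        # collision and is every bit as suspicious as an ordinary mismatch.
        report[name] = "ok" if (md5, sha) == (md5_ok, sha_ok) else "MISMATCH"
    return report


def demo():
    """Constructed demo: fake 'clean' binaries, baseline them, then tamper with two."""
    with tempfile.TemporaryDirectory() as tmp:
        for name in WATCHED:
            # Constructed content standing in for a real binary (assumption: not real PE files).
            (Path(tmp) / name).write_bytes(b"MZ" + name.encode() * 64)
        baseline = build_baseline(tmp)
        # Patch one byte of explorer.exe (what a "patcher" or loader does) and remove userinit.exe.
        target = Path(tmp) / "explorer.exe"
        data = bytearray(target.read_bytes())
        data[100] ^= 0xFF
        target.write_bytes(bytes(data))
        (Path(tmp) / "userinit.exe").unlink()
        return verify(tmp, baseline)


if __name__ == "__main__":
    # On a live machine you would call build_baseline(r"C:\Windows\System32") on a clean
    # system of the same build, store the dict, and later verify(r"C:\Windows\System32", stored).
    for name, state in demo().items():
        print(f"{state:9} {name}")
```

On the real machine the hashes OTL prints can be checked against this baseline the same way; a MISMATCH on a file Windows Update did not touch, or a MISSING core binary, is the signal the helper is looking for in the `/md5` sections of OTL.txt.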

Yagami (Guest, 30 posts, registered 03 Jun 2009, Tokio 3)

Re: Suspected malware

#7 Post by Yagami »


vyosek (VIP, 56373 posts, registered 07 Nov 2006, Šalingrad - Brno)

Re: Suspected malware

#8 Post by vyosek »

Please paste the logs here - feel free to split them across several posts - it is easier to work through them that way... Thank you
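The OTL script in post #6 asks for the Internet Settings, services, drivers and Run keys precisely so that a reviewer can scan the resulting OTL.txt for a handful of indicators. The following is an added example, not OTL's own code and not something posted in this thread; it runs such rules over a constructed sample assembled from lines of the OTL.txt that follows: the ProxyServer entry pointing at 210.176.171.237:8080 while ProxyEnable is 0 in the same hive, a running service whose binary carries no company name, two autostart entries whose target file is missing, and ConsentPromptBehaviorAdmin = 0. The rule names, severities and the user-writable-path rule are this example's own assumptions, and the rule set is deliberately broader than what this particular log triggers.

```python
"""Triage an OTL log for the indicators the custom script is meant to surface.

Added example for this thread, not OTL's own code. It reads OTL's text output and
flags lines a log reviewer would query first. SAMPLE_OTL is a constructed sample
made of lines copied from the OTL.txt posted in this thread plus one benign entry.
"""
import ipaddress
import re
from collections import namedtuple

Finding = namedtuple("Finding", "severity rule line")

SAMPLE_OTL = r"""
IE - HKU\S-1-5-21-919756733-2594212609-420078527-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-919756733-2594212609-420078527-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 210.176.171.237:8080
SRV - [2011.12.10 02:26:53 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-919756733-2594212609-420078527-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
"""

HIVE_RE = re.compile(r"^IE(?::64bit:)? - (?P<hive>.+?)\\Software\\", re.I)
PROXY_SERVER_RE = re.compile(r'"ProxyServer"\s*=\s*(?P<host>[^:\s;]+)(?::(?P<port>\d+))?')
PROXY_ENABLE_RE = re.compile(r'"ProxyEnable"\s*=\s*(?P<val>\d+)')
NO_COMPANY_RE = re.compile(r"\| M\] \(\) ")  # empty company field: no version info / unsigned
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|ProgramData|Users\\Public)\\", re.I)
UAC_RE = re.compile(r"ConsentPromptBehaviorAdmin\s*=\s*0\b")


def proxy_kind(host):
    """Classify a proxy host as 'public', 'private', 'loopback' or 'hostname'."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"
    if addr.is_loopback:
        return "loopback"
    return "public" if addr.is_global else "private"


def triage(otl_text):
    """Return the Findings for lines in an OTL log that need a reviewer's eye."""
    lines = [ln.rstrip() for ln in otl_text.splitlines() if ln.strip()]

    # Pass 1: which hives actually have the proxy switched on (ProxyEnable != 0).
    proxy_enabled = {}
    for line in lines:
        m_hive, m_en = HIVE_RE.match(line), PROXY_ENABLE_RE.search(line)
        if m_hive and m_en:
            proxy_enabled[m_hive.group("hive")] = m_en.group("val") != "0"

    findings = []
    for line in lines:
        head = line.split(" ", 1)[0].split(":")[0]  # IE, SRV, DRV, O4, O6, PRC, ...

        m = PROXY_SERVER_RE.search(line)
        if m:
            kind = proxy_kind(m.group("host"))
            hive = HIVE_RE.match(line)
            active = proxy_enabled.get(hive.group("hive")) if hive else None
            state = "active" if active else "inactive"
            sev = "high" if kind == "public" else "medium"
            findings.append(Finding(sev, f"proxy-server-{kind}-{state}", line))
            continue
        if head in ("SRV", "DRV", "O4", "PRC") and "File not found" in line:
            findings.append(Finding("low", "autostart-target-missing", line))
            continue
        if head in ("SRV", "DRV", "PRC") and NO_COMPANY_RE.search(line):
            findings.append(Finding("medium", "running-binary-without-company-name", line))
            continue
        if head == "O4" and USER_WRITABLE_RE.search(line):
            findings.append(Finding("medium", "autostart-from-user-writable-path", line))
            continue
        if head == "O6" and UAC_RE.search(line):
            findings.append(Finding("high", "uac-admin-consent-disabled", line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_OTL):
        print(f"[{f.severity}] {f.rule}: {f.line[:90]}")
```

Two of these findings matter more than the others on this machine. A ProxyServer pointing at a public address is what a credential-interception setup looks like, even though ProxyEnable = 0 means it is not in effect right now; it may be a leftover from some tool, but after a Battle.net takeover it is the first thing to ask the owner about. ConsentPromptBehaviorAdmin = 0 makes UAC elevate without asking, so any patcher or keygen the admin user runs gets full control silently.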

Yagami (Guest, 30 posts, registered 03 Jun 2009, Tokio 3)

Re: Suspected malware

#9 Post by Yagami »

OTL

OTL logfile created on: 1.7.2012 12:44:26 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Envy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,26 Gb Available Physical Memory | 65,81% Memory free
16,00 Gb Paging File | 12,96 Gb Available in Paging File | 81,04% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 76,47 Gb Free Space | 32,84% Space Free | Partition Type: NTFS
Drive D: | 4,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 1863,01 Gb Total Space | 805,12 Gb Free Space | 43,22% Space Free | Partition Type: NTFS

Computer Name: PURGATORY | User Name: Envy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.01 12:42:10 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Envy\Desktop\OTL.exe
PRC - [2012.06.17 14:50:07 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.06.12 15:26:24 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
PRC - [2012.05.18 04:52:29 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.04.29 14:38:14 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012.04.20 12:26:14 | 002,376,888 | ---- | M] (Frogster) -- C:\Program Files (x86)\TERA\TERA-Launcher.exe
PRC - [2012.04.12 10:56:46 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012.04.11 15:47:44 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.10 02:26:53 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.07.11 23:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.07.22 15:18:32 | 002,636,800 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
PRC - [2010.04.12 10:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE


========== Modules (No Company Name) ==========

MOD - [2012.06.19 23:05:13 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012.06.19 23:05:05 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012.06.19 23:05:04 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.06.19 23:05:04 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.06.19 23:05:04 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012.06.17 14:50:06 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.06.12 15:26:24 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012.04.20 12:26:16 | 000,115,256 | ---- | M] () -- C:\Program Files (x86)\TERA\CopyCub.dll
MOD - [2012.04.18 16:30:36 | 000,583,168 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012.04.16 08:20:24 | 019,656,816 | ---- | M] () -- C:\Program Files (x86)\TERA\libcef.dll
MOD - [2012.04.11 15:47:44 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012.04.03 12:30:52 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011.11.23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2011.08.17 10:38:01 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2011.08.17 10:38:01 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2011.08.17 10:38:01 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2011.08.17 10:38:00 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
MOD - [2011.08.17 10:38:00 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2011.08.17 10:38:00 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2011.08.17 10:38:00 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2011.08.17 10:38:00 | 000,285,696 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2011.08.17 10:38:00 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
MOD - [2011.08.17 10:38:00 | 000,252,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2011.08.17 10:38:00 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.08.17 10:38:00 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2011.08.17 10:38:00 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2011.08.17 10:38:00 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2011.08.17 10:38:00 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2011.08.17 10:38:00 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2011.08.17 10:38:00 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2011.08.17 10:38:00 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2011.08.17 10:38:00 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2011.08.17 10:38:00 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2011.08.17 10:38:00 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2011.08.17 10:38:00 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2011.08.17 10:38:00 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2011.08.17 10:38:00 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2011.08.17 10:38:00 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2011.08.17 10:38:00 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2011.08.17 10:38:00 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s
MOD - [2011.08.17 10:38:00 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011.08.17 10:38:00 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
MOD - [2011.08.17 10:38:00 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2011.08.17 10:38:00 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s
MOD - [2011.08.17 10:38:00 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2011.08.17 10:38:00 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2011.08.17 10:38:00 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2011.08.17 10:38:00 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2011.08.17 10:38:00 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2011.08.17 10:38:00 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2011.08.17 10:38:00 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2011.08.17 10:38:00 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2011.08.17 10:38:00 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s
MOD - [2011.08.17 10:38:00 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2011.08.17 10:38:00 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2010.07.22 15:18:32 | 002,636,800 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
MOD - [2010.06.01 12:41:38 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_MouseDeviceManager.dll
MOD - [2010.05.08 00:05:57 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.04.03 12:37:14 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_Wheel4D.dll
MOD - [2010.04.03 12:37:09 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_ZoomControl.dll
MOD - [2010.04.03 12:37:07 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_ScrollbarControl.dll
MOD - [2010.04.03 12:37:02 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2010.04.03 12:36:58 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.01.11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.01.12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.11.26 04:54:12 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.17 14:50:06 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.10 02:26:53 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.07.04 21:59:10 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.03.28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.12 01:49:46 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012.01.12 01:49:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.10.27 14:23:47 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.11.26 06:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.11.26 04:16:46 | 000,289,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.04.12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.25 17:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009.03.25 17:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV:64bit: - [2009.03.25 17:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2009.03.25 17:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009.03.25 17:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV:64bit: - [2009.03.25 17:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2009.03.25 17:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-919756733-2594212609-420078527-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-919756733-2594212609-420078527-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-919756733-2594212609-420078527-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-919756733-2594212609-420078527-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 210.176.171.237:8080

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.cz/"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Envy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 14:50:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.12 20:30:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.06.13 20:57:08 | 000,000,000 | ---D | M]

[2011.06.13 20:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Envy\AppData\Roaming\Mozilla\Extensions
[2012.06.29 17:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Envy\AppData\Roaming\Mozilla\Firefox\Profiles\lu3jn5q4.default\extensions
[2012.06.10 01:16:59 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Envy\AppData\Roaming\Mozilla\Firefox\Profiles\lu3jn5q4.default\extensions\anttoolbar@ant.com
[2011.10.18 23:27:07 | 000,002,354 | ---- | M] () -- C:\Users\Envy\AppData\Roaming\Mozilla\Firefox\Profiles\lu3jn5q4.default\searchplugins\aol-web-search.xml
[2012.05.04 06:44:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.08.17 13:18:26 | 000,010,285 | ---- | M] () (No name found) -- C:\USERS\ENVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LU3JN5Q4.DEFAULT\EXTENSIONS\{20CC25E2-48C9-45E1-9A1F-1CCC1882B81B}.XPI
[2012.06.29 17:31:40 | 000,743,305 | ---- | M] () (No name found) -- C:\USERS\ENVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LU3JN5Q4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.10.30 01:04:10 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\ENVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LU3JN5Q4.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012.05.19 14:38:01 | 000,697,058 | ---- | M] () (No name found) -- C:\USERS\ENVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LU3JN5Q4.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2012.01.19 01:29:15 | 000,057,742 | ---- | M] () (No name found) -- C:\USERS\ENVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LU3JN5Q4.DEFAULT\EXTENSIONS\MLDONKEYFOX@PERCU.BE.XPI
[2011.06.13 20:53:27 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\ENVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LU3JN5Q4.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2012.06.17 14:50:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.05.02 07:09:48 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.02.04 02:57:15 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.04 02:57:15 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.04 02:57:15 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.04 02:57:15 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.04 02:57:15 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-919756733-2594212609-420078527-1001..\Run: [OscarEditor] C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe ()
O4 - HKU\S-1-5-21-919756733-2594212609-420078527-1001..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-919756733-2594212609-420078527-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-919756733-2594212609-420078527-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-919756733-2594212609-420078527-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Envy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-919756733-2594212609-420078527-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.92.155.1 81.92.155.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D1B7586-B5E1-46B3-9AA4-E9CEBAD15451}: DhcpNameServer = 81.92.155.1 81.92.155.100
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.09 23:44:17 | 000,000,050 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{95237982-98b4-11e0-adab-00241ddf4e6e}\Shell - "" = AutoRun
O33 - MountPoints2\{95237982-98b4-11e0-adab-00241ddf4e6e}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{d720aeba-386e-11e1-aa4a-00241ddf4e6e}\Shell - "" = AutoRun
O33 - MountPoints2\{d720aeba-386e-11e1-aa4a-00241ddf4e6e}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\steambackup.EXE -- [2011.04.17 03:36:24 | 000,369,152 | R--- | M] ()
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.07.01 12:41:43 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Envy\Desktop\OTL.exe
[2012.07.01 02:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TERA
[2012.07.01 02:06:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
[2012.07.01 02:05:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TERA
[2012.06.30 14:01:41 | 000,000,000 | ---D | C] -- C:\Users\Envy\AppData\Roaming\Malwarebytes
[2012.06.30 14:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.30 14:01:34 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.30 14:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.30 14:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.29 05:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.06.29 05:00:33 | 000,000,000 | ---D | C] -- C:\rsit
[2012.06.24 14:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\Dungeon Siege III
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.07.01 12:46:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.01 12:42:10 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Envy\Desktop\OTL.exe
[2012.07.01 02:06:03 | 000,001,844 | ---- | M] () -- C:\Users\Envy\Desktop\TERA.lnk
[2012.06.30 15:53:56 | 003,463,208 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.30 15:53:56 | 000,714,326 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2012.06.30 15:53:56 | 000,666,406 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.06.30 15:53:56 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.30 15:53:56 | 000,407,584 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2012.06.30 15:53:56 | 000,374,908 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2012.06.30 15:53:56 | 000,149,368 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2012.06.30 15:53:56 | 000,140,102 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.06.30 15:53:56 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2012.06.30 15:53:56 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.30 15:53:56 | 000,118,942 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2012.06.30 14:01:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.30 13:52:35 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.30 13:52:35 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.30 13:45:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.30 13:45:16 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.25 22:04:49 | 000,174,094 | ---- | M] () -- C:\Users\Envy\Documents\666.jpg
[2012.06.25 22:02:03 | 000,227,657 | ---- | M] () -- C:\Users\Envy\Documents\Samara hadr.jpg
[2012.06.25 22:01:18 | 003,181,504 | ---- | M] () -- C:\Users\Envy\Documents\P6240123.JPG
[2012.06.24 23:13:44 | 000,001,550 | ---- | M] () -- C:\Users\Envy\Desktop\Dungeon Siege III – zástupce.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.01 12:46:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.01 02:06:03 | 000,001,844 | ---- | C] () -- C:\Users\Envy\Desktop\TERA.lnk
[2012.06.30 14:01:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.25 22:04:49 | 000,174,094 | ---- | C] () -- C:\Users\Envy\Documents\666.jpg
[2012.06.25 22:02:03 | 000,227,657 | ---- | C] () -- C:\Users\Envy\Documents\Samara hadr.jpg
[2012.06.25 21:59:52 | 003,181,504 | ---- | C] () -- C:\Users\Envy\Documents\P6240123.JPG
[2012.06.24 23:13:44 | 000,001,550 | ---- | C] () -- C:\Users\Envy\Desktop\Dungeon Siege III – zástupce.lnk
[2012.04.01 21:06:04 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.12.06 01:55:09 | 000,000,114 | ---- | C] () -- C:\Users\Envy\kvirc4.ini
[2011.12.01 19:20:24 | 003,414,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.09 22:59:15 | 000,091,320 | ---- | C] () -- C:\Program Files (x86)\Monster Meg Dia.wav
[2011.11.02 11:23:50 | 000,056,467 | ---- | C] () -- C:\Program Files (x86)\fasterfox.png
[2011.11.01 02:05:27 | 000,000,028 | ---- | C] () -- C:\Windows\pspvc_path.ini
[2011.10.26 03:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 03:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.12 18:48:18 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.08.29 15:47:55 | 000,000,352 | ---- | C] () -- C:\Users\Envy\AppData\Roaming\Network Meter_Settings.ini
[2011.08.11 16:33:36 | 000,000,565 | ---- | C] () -- C:\Users\Envy\AppData\Roaming\myMPQ.ini
[2011.08.09 09:16:13 | 000,068,078 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.07.26 09:16:30 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2011.07.03 15:35:57 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011.07.02 12:56:44 | 000,000,412 | ---- | C] () -- C:\Users\Envy\AppData\Roaming\All CPU Meter_Settings.ini
[2011.06.13 22:49:59 | 000,280,976 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.13 22:49:58 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.13 22:21:00 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.06.13 20:12:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.17 21:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012.01.11 20:31:51 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\.minecraft
[2012.03.17 14:36:39 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Ashampoo
[2012.03.15 07:00:08 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Audacity
[2012.03.18 10:50:33 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\BigHugeEngine
[2011.06.27 22:54:42 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Bioshock2
[2011.07.02 00:23:58 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\GHISLER
[2011.08.11 18:39:19 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Guitar Pro 6
[2012.02.12 07:01:30 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Kalypso Media
[2011.12.06 03:43:51 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\KVIrc4
[2011.06.27 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Lionhead Studios
[2011.06.14 10:25:52 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\LolClient
[2012.05.24 21:30:59 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\LolClient2
[2012.02.12 02:21:12 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Monotea
[2011.11.08 21:34:46 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Mumble
[2012.01.27 14:25:35 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Need for Speed World
[2011.07.02 00:42:45 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\OpenOffice.org
[2011.08.17 13:35:58 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Opera
[2012.02.15 09:03:46 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Origin
[2011.12.21 02:11:11 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Publish Providers
[2011.06.13 22:49:55 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\PunkBuster
[2011.10.29 20:55:16 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Sierra Entertainment
[2011.12.21 02:11:09 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Sony
[2012.04.22 00:35:31 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Tropico 4
[2011.12.10 02:26:21 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Ubisoft
[2012.02.08 00:54:40 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Unity
[2012.07.01 12:49:13 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\uTorrent
[2011.06.16 22:37:14 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\VitySoft
[2012.03.25 17:50:42 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Wargaming.net
[2011.09.12 18:48:20 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\World-LooM
[2012.06.30 15:49:28 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\XnView
[2012.03.24 13:41:34 | 000,032,524 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\497f1e4dafa97f598bed5c14f151a14f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\497f1e4dafa97f598bed5c14f151a14f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4e524ca2fbf8498fa29ff4a9b8ad462c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4e524ca2fbf8498fa29ff4a9b8ad462c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a67d73cadaec7ac19b04dc9d8f6eba35\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a67d73cadaec7ac19b04dc9d8f6eba35\*.tmp -> ]
[4 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.01.11 20:31:51 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\.minecraft
[2012.04.01 12:46:24 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Adobe
[2012.03.17 14:36:39 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Ashampoo
[2011.06.13 20:12:28 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\ATI
[2012.03.15 07:00:08 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Audacity
[2012.03.18 10:50:33 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\BigHugeEngine
[2011.06.27 22:54:42 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Bioshock2
[2011.07.02 00:23:58 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\GHISLER
[2011.08.11 18:39:19 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Guitar Pro 6
[2012.06.30 13:45:36 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Hamachi
[2011.06.13 16:01:29 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Identities
[2011.10.29 19:47:37 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\InstallShield
[2012.02.12 07:01:30 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Kalypso Media
[2011.12.06 03:43:51 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\KVIrc4
[2011.06.27 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Lionhead Studios
[2011.06.14 10:25:52 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\LolClient
[2012.05.24 21:30:59 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\LolClient2
[2011.06.13 20:32:43 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Macromedia
[2012.06.30 14:01:41 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Media Center Programs
[2012.04.01 21:06:45 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Media Player Classic
[2012.01.30 13:15:16 | 000,000,000 | --SD | M] -- C:\Users\Envy\AppData\Roaming\Microsoft
[2012.01.16 02:24:29 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Microsoft Games
[2012.02.12 02:21:12 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Monotea
[2012.02.20 08:34:04 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Mozilla
[2011.11.08 21:34:46 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Mumble
[2012.01.27 14:25:35 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Need for Speed World
[2011.07.02 00:42:45 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\OpenOffice.org
[2011.08.17 13:35:58 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Opera
[2012.02.15 09:03:46 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Origin
[2011.12.21 02:11:11 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Publish Providers
[2011.06.13 22:49:55 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\PunkBuster
[2011.07.02 23:44:44 | 000,000,000 | RH-D | M] -- C:\Users\Envy\AppData\Roaming\SecuROM
[2011.10.29 20:55:16 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Sierra Entertainment
[2012.07.01 12:53:22 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Skype
[2011.07.13 09:12:28 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\skypePM
[2011.12.21 02:11:09 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Sony
[2012.04.22 00:35:31 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Tropico 4
[2011.12.10 02:26:21 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Ubisoft
[2012.02.08 00:54:40 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Unity
[2012.07.01 13:00:00 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\uTorrent
[2011.06.16 22:37:14 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\VitySoft
[2012.03.25 17:50:42 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Wargaming.net
[2012.02.10 14:02:05 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\Winamp
[2011.06.13 20:44:19 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\WinRAR
[2011.09.12 18:48:20 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\World-LooM
[2012.06.30 15:49:28 | 000,000,000 | ---D | M] -- C:\Users\Envy\AppData\Roaming\XnView

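One way to go through the `< MD5 for: ... >` blocks above without reading them by eye. This is an added example, not code from the original post, from OTL or from the forum: a Python script that parses those blocks and flags any copy of a core binary that sits outside the Windows directory, carries no publisher, or whose MD5 matches none of the copies the servicing stack keeps in `C:\Windows\winsxs`. The sample input reuses the USERINIT.EXE and WINLOGON.EXE lines posted above and adds a constructed SERVICES.EXE block (made-up sizes and hashes) to show what a live copy that no longer matches the component store looks like; the function names and the three flagging rules are the example's own, not an OTL feature.

```python
"""Triage the '< MD5 for: X >' blocks of an OTL custom-scan log (added example).

OTL lists every copy of a core Windows binary together with its MD5.  The live
copy in System32 (shown as SysNative when OTL runs as a 32-bit process on x64)
and in SysWOW64 should hash-match one of the copies the servicing stack keeps in
C:\\Windows\\winsxs.  A live copy that matches no winsxs copy, a copy with an
empty publisher field, or a copy outside the Windows directory deserves a look.
"""
import re
from collections import defaultdict

# One OTL file line: [date time | size | attrs | M] (Company) MD5=HASH -- path
OTL_LINE = re.compile(
    r"^\[(?P<date>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| M\] \((?P<company>[^)]*)\) "
    r"(?:MD5=(?P<md5>[0-9A-Fa-f]{32}) )?-- (?P<path>.+?)\s*$"
)
SECTION_HDR = re.compile(r"^< MD5 for: (?P<name>.+?) >\s*$")
WINDIR = re.compile(r"^[A-Za-z]:\\Windows\\", re.IGNORECASE)
WINSXS = re.compile(r"^[A-Za-z]:\\Windows\\winsxs\\", re.IGNORECASE)


def parse_md5_sections(text):
    """Return {binary name: [entry, ...]} for every '< MD5 for: ... >' block."""
    sections = defaultdict(list)
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("<"):            # any '< ... >' line starts a new scan item
            hdr = SECTION_HDR.match(line)
            current = hdr.group("name").upper() if hdr else None
            continue
        if current is None:
            continue
        m = OTL_LINE.match(line)
        if not m:
            continue                        # OTL also prints non-file summaries
        entry = m.groupdict()
        entry["md5"] = (entry["md5"] or "").upper()
        entry["size"] = int(entry["size"].replace(",", ""))
        sections[current].append(entry)
    return dict(sections)


def triage(sections):
    """Return [(binary, path, reason), ...] for copies that deserve a closer look."""
    findings = []
    for name, entries in sections.items():
        # Component-store copies are the baseline; every other copy is compared to them.
        baseline = {e["md5"] for e in entries if WINSXS.match(e["path"]) and e["md5"]}
        for e in entries:
            path = e["path"]
            if WINSXS.match(path):
                continue
            if not WINDIR.match(path):
                findings.append((name, path, "copy outside the Windows directory"))
            if not e["company"]:
                findings.append((name, path, "no publisher/version info"))
            if e["md5"] and e["md5"] not in baseline:
                findings.append((name, path, "MD5 matches no winsxs copy"))
    return findings


# Sample input: USERINIT.EXE and WINLOGON.EXE lines from the posted log, plus a
# CONSTRUCTED SERVICES.EXE block (fake sizes and hashes) in which the live copy
# no longer matches the component store, the trace a patched binary leaves.
SAMPLE_LOG = r"""
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: SERVICES.EXE >
[2012.06.28 03:12:00 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=DEADBEEFDEADBEEFDEADBEEFDEADBEEF -- C:\Windows\SysNative\services.exe
[2010.11.20 15:25:30 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=CAFEBABECAFEBABECAFEBABECAFEBABE -- C:\Windows\winsxs\amd64_microsoft-windows-services_31bf3856ad364e35_6.1.7601.17514_none_0000000000000000\services.exe
"""

if __name__ == "__main__":
    for binary, path, reason in triage(parse_md5_sections(SAMPLE_LOG)):
        print(f"{binary:14} {reason:36} {path}")
```

The script reports reasons, not verdicts, because the first hit it produces on the posted log is a known benign case: the `winlogon.exe` under `Malwarebytes' Anti-Malware\Chameleon` is Malwarebytes' own Chameleon loader, shipped under system-binary names so that self-protecting malware does not block it. The constructed SERVICES.EXE block shows the case that does matter, a live copy whose hash matches nothing in winsxs even though the file still claims Microsoft as publisher.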

Re: Suspected malware

#10 Post by Yagami »

< %APPDATA%\*.exe /s >
[2011.08.05 20:28:03 | 000,011,264 | R--- | M] () -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}\Icon7BD91693.exe
[2011.08.05 20:28:03 | 000,018,944 | R--- | M] () -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}\Icon7BD916931.exe
[2011.08.23 17:36:47 | 000,011,502 | R--- | M] () -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\ARPPRODUCTICON.exe
[2011.08.23 17:36:47 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe1_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011.08.23 17:36:47 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011.08.23 17:36:47 | 000,015,086 | R--- | M] () -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\NewShortcut5_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011.08.23 17:36:47 | 000,008,854 | R--- | M] () -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\Uninstall_FlatOut2_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011.10.15 12:07:34 | 000,010,134 | R--- | M] () -- C:\Users\Envy\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Envy\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2012.04.29 14:38:14 | 001,242,448 | ---- | M] (Valve Corporation)
"OscarEditor" = "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum -- [2010.07.22 15:18:32 | 002,636,800 | ---- | M] ()
"Sony PC Companion" = "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background -- [2012.04.12 10:56:46 | 000,445,624 | ---- | M] (Sony)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.02.29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.05.18 04:52:29 | 000,880,496 | ---- | M] (BitTorrent, Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.06.17 14:50:07 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=D3C0837346C49095B8AF9EF54AD7E90A -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.05.18 01:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.05.14 20:59:06 | 000,949,104 | ---- | M] (Opera Software) MD5=E8F78F11945EE6F91408C99AF15143EA -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.01 12:46:14 | 000,000,512 | ---- | M] () MD5=923E067BB47C532023788132696ADB71 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2004.04.02 12:20:20 | 000,051,904 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\EggCrack1.gif
[2004.04.02 12:20:20 | 000,045,824 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\EggCrack2.gif
[2004.04.02 12:20:20 | 000,006,573 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\_EggCrack1.gif
[2004.04.02 12:20:20 | 000,005,387 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\_EggCrack2.gif
[2008.12.04 09:29:28 | 000,000,569 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Grand Theft Auto IV\wurstsuppe-gta4crack.nfo
[2011.12.01 22:27:42 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\skyrim\Data\Textures\architecture\windhelm\wholdcrackedbrick.dds
[2011.12.01 22:25:29 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\skyrim\Data\Textures\architecture\windhelm\wholdcrackedbrick2.dds
[2012.05.05 15:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2012.05.02 08:51:20 | 000,018,721 | ---- | M] () -- \Users\Envy\AppData\Local\Temp\DSOClient\export_win32_audio_dso_env_atmo_fx_wood_crack.fsb._9fb56f57b36f84d27bc3fc711c74229d
[2012.05.06 15:49:05 | 000,052,388 | ---- | M] () -- \Users\Envy\AppData\Local\Temp\DSOClient\export_win32_textures_effects_ground_cracks.dds._9763bba1eef345cbd8fdd5d52f2eb2ad
[2012.05.06 15:49:05 | 000,028,639 | ---- | M] () -- \Users\Envy\AppData\Local\Temp\DSOClient\export_win32_textures_effects_ground_cracks_emsv.dds._e91a1ed583df6d7ac1e8b3ff52b8a1b5
[2012.05.05 00:12:18 | 000,002,921 | ---- | M] () -- \Users\Envy\AppData\Local\Temp\DSOClient\export_win32_textures_effects_ice_cracks.dds._38c2db18755cf8f1711062db7dad883b
[2012.05.06 15:49:05 | 000,010,317 | ---- | M] () -- \Users\Envy\AppData\Local\Temp\DSOClient\export_win32_textures_effects_p_cracks_2.dds._39bfaf026e0bde11ec2a5c886139fcbe
[2012.06.24 14:16:37 | 000,000,317 | ---- | M] () -- \Users\Envy\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk
[2011.07.21 15:44:31 | 000,012,003 | ---- | M] () -- \Users\Envy\AppData\Roaming\uTorrent\Dragon_Age_2_Update_v1.03_Cracked-FLTDOX.torrent
[2011.08.20 16:02:50 | 000,015,257 | ---- | M] () -- \Users\Envy\AppData\Roaming\uTorrent\From.Dust.Crack.Only-SKIDROW.torrent
[2011.07.02 00:07:14 | 000,011,967 | ---- | M] () -- \Users\Envy\AppData\Roaming\uTorrent\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.torrent
[2011.08.11 16:12:03 | 000,040,889 | ---- | M] () -- \Users\Envy\AppData\Roaming\uTorrent\SC2 FIXED ISO + Campaign and Skirmish cracks + maps.torrent
[2012.01.14 15:10:43 | 000,004,405 | ---- | M] () -- \Users\Envy\AppData\Roaming\uTorrent\Serious Sam 3 BFE Crack 100% working.torrent
[2012.01.13 01:58:34 | 000,010,633 | ---- | M] () -- \Users\Envy\AppData\Roaming\uTorrent\SS3BFE_Crack.iso.torrent
[2008.09.23 18:19:08 | 000,016,223 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\firecracker0001.OZJ
[2008.09.23 18:19:08 | 000,017,939 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\firecracker0002.OZJ
[2008.09.23 18:19:08 | 000,020,684 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\firecracker0003.OZJ
[2008.09.23 18:19:08 | 000,023,889 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\firecracker0004.OZJ
[2008.09.23 18:19:08 | 000,027,580 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\firecracker0005.OZJ
[2008.09.23 18:19:08 | 000,029,199 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\firecracker0006.OZJ
[2008.09.23 18:19:08 | 000,028,015 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\firecracker0007.OZJ
[2009.06.30 16:38:36 | 000,034,210 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\GoblinCrack.OZJ
[2008.05.20 18:23:34 | 000,011,320 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\knight_plancrack_a.bmd
[2008.05.26 12:10:42 | 000,005,648 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\knight_plancrack_b.bmd
[2010.08.04 20:43:32 | 000,161,560 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\knight_plancrack_dragon.bmd
[2008.04.24 17:01:00 | 000,160,240 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\knight_plancrack_grand.bmd
[2009.06.30 16:38:32 | 000,002,072 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\NpcGagoil_Crack01.bmd
[2009.06.30 16:38:32 | 000,004,428 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\NpcGagoil_Crack02.bmd
[2009.06.30 16:38:32 | 000,003,024 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Effect\NpcGagoil_Crack03.bmd
[2003.01.13 15:38:06 | 000,003,448 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Item\firecracker.OZJ
[2009.06.30 16:38:36 | 000,034,210 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Monster\GoblinCrack.OZJ
[2006.07.03 11:30:54 | 000,016,685 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Object40\han_mcrack.OZJ
[2003.01.14 19:11:30 | 000,129,158 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Sound\eFirecracker1.wav
[2003.01.14 19:11:32 | 000,132,402 | ---- | M] () -- \Users\Envy\Desktop\MU1_04C_Full(Eng)(1)\Data\Sound\eFirecracker2.wav
[2011.11.06 17:28:15 | 000,138,803 | ---- | M] () -- \Users\Envy\Documents\Crack.rar
[2012.01.29 22:33:57 | 000,039,492 | ---- | M] () -- \Users\Envy\Documents\Devil.May.Cry.4.(2008)-RELOADED.PC.Crack_[English].5420207.TPB.torrent
[2011.12.26 03:08:21 | 001,774,080 | ---- | M] () -- \Users\Envy\Downloads\darkspore-crack-and-keygen-100%-funkční-od-bigjeyjey70.exe
[2011.12.26 13:54:09 | 001,627,197 | ---- | M] () -- \Users\Envy\Downloads\Darksporecrack_new_20.05.2011.rar
[2011.07.03 15:30:58 | 019,189,262 | ---- | M] () -- \Users\Envy\Downloads\grand-theft-auto-4-crackonly-proper-wurstsuppe.rar
[2012.01.11 18:47:23 | 043,186,095 | ---- | M] () -- \Users\Envy\Downloads\Minecraft.1.2.0.cRaCkEd.(KaEn_sG2,-updated).rar
[2011.07.02 13:45:20 | 005,440,102 | ---- | M] () -- \Users\Envy\Downloads\Need.for.Speed.Most.Wanted.v1.3.REAL.CRACK-VOLKSWAGEN.rar
[2011.12.02 08:15:55 | 008,971,822 | ---- | M] () -- \Users\Envy\Downloads\Terraria.v1.0.6.1.cracked-THETA-[ALEX].zip
[2008.12.04 09:29:28 | 000,000,569 | ---- | M] () -- \Users\Envy\Downloads\grand-theft-auto-4-crackonly-proper-wurstsuppe\Grand.Theft.Auto.4.CrackOnly.Proper-Wurstsuppe\wurstsuppe-gta4crack.nfo
[2008.12.04 14:24:58 | 009,576,446 | ---- | M] () -- \Users\Envy\Downloads\grand-theft-auto-4-crackonly-proper-wurstsuppe\Grand.Theft.Auto.4.CrackOnly.Proper-Wurstsuppe\wurstsuppe-gta4crack.rar
[2008.12.04 14:24:56 | 000,000,035 | ---- | M] () -- \Users\Envy\Downloads\grand-theft-auto-4-crackonly-proper-wurstsuppe\Grand.Theft.Auto.4.CrackOnly.Proper-Wurstsuppe\wurstsuppe-gta4crack.sfv
[2008.12.04 09:29:28 | 000,000,569 | ---- | M] () -- \Users\Envy\Downloads\grand-theft-auto-4-crackonly-proper-wurstsuppe\Grand.Theft.Auto.4.CrackOnly.Proper-Wurstsuppe\wurstsuppe-gta4crack\wurstsuppe-gta4crack.nfo

< *keygen* /s >
[2011.07.02 00:07:14 | 000,011,967 | ---- | M] () -- \Users\Envy\AppData\Roaming\uTorrent\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.torrent
[2011.12.26 03:08:21 | 001,774,080 | ---- | M] () -- \Users\Envy\Downloads\darkspore-crack-and-keygen-100%-funkční-od-bigjeyjey70.exe

< *loader* /s >
[2011.10.17 08:57:37 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.01.17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.06.28 22:53:32 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.06.28 22:53:36 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2004.04.17 17:36:42 | 000,002,043 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderbar.jpg
[2004.06.23 11:27:56 | 000,001,261 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderbarloading.gif
[2004.06.23 11:27:58 | 000,001,302 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderbarloading_.gif
[2004.04.17 17:36:42 | 000,002,270 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderbarover.jpg
[2004.04.17 17:36:42 | 000,000,371 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderbarover_.gif
[2004.04.17 17:36:42 | 000,000,307 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderbar_.gif
[2004.04.17 17:36:42 | 000,001,581 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderplay.gif
[2004.04.17 17:36:42 | 000,001,656 | ---- | M] () -- \Program Files (x86)\PopCap Games\Insaniquarium Deluxe\images\loaderplay_.gif
[2012.06.01 10:06:52 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2011.09.24 00:19:25 | 000,228,352 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2009.09.18 11:58:48 | 002,104,496 | ---- | M] () -- \Program Files (x86)\WoW 4.x.x Cataclysm\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe
[2009.09.17 16:37:02 | 002,199,272 | ---- | M] () -- \Program Files (x86)\WoW 4.x.x Cataclysm\WoW-3.2.0-enGB-downloader.exe
[2011.04.06 16:56:01 | 005,126,669 | ---- | M] () -- \Program Files (x86)\WoW 4.x.x Cataclysm\Temp\wow-4.0.1.2210-enUS-tools-downloader.exe
[2011.04.06 16:56:15 | 000,001,364 | ---- | M] () -- \Program Files (x86)\WoW 4.x.x Cataclysm\Temp\Logs\Downloader.log
[2012.06.24 14:22:45 | 000,057,856 | ---- | M] () -- \Program Files\Dungeon Siege III\PhysXLoader.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2011.03.02 12:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.04.18 04:43:00 | 000,400,112 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2011.12.16 17:41:00 | 000,714,144 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2010.11.02 12:36:12 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\assets\storeImages\layout\small_loader.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.04.18 04:43:00 | 000,400,112 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2011.12.16 17:41:00 | 000,714,144 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2012.03.14 19:52:47 | 000,000,353 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WY9L6V1\queryLoader[1].css
[2012.02.08 02:59:33 | 000,005,505 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WY9L6V1\queryLoader[1].js
[2012.04.29 11:31:08 | 000,000,353 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WY9L6V1\queryLoader[2].css
[2012.03.01 20:16:16 | 000,005,505 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WY9L6V1\queryLoader[2].js
[2012.05.24 21:37:03 | 000,000,353 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WY9L6V1\queryLoader[3].css
[2012.03.14 19:52:50 | 000,005,505 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WY9L6V1\queryLoader[3].js
[2012.04.29 11:31:09 | 000,005,505 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WY9L6V1\queryLoader[4].js
[2012.05.25 11:13:38 | 000,010,519 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWV4UWEX\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.06.15 23:24:57 | 000,000,353 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWV4UWEX\queryLoader[1].css
[2012.05.25 11:13:38 | 000,000,652 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAF0ISNC\AdLoader[1].htm
[2012.06.15 23:24:58 | 000,005,505 | ---- | M] () -- \Users\Envy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAF0ISNC\queryLoader[1].js
[2011.10.17 08:56:52 | 002,764,854 | ---- | M] () -- \Users\Envy\Downloads\Downloader_Diablo2_enGB.exe
[2011.10.17 08:57:00 | 002,678,867 | ---- | M] () -- \Users\Envy\Downloads\Downloader_Diablo2_Lord_of_Destruction_enGB.exe
[2012.01.04 00:32:57 | 000,073,686 | ---- | M] () -- \Users\Envy\Downloads\PrometheusIsoLoader.zip
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.13 21:22:40 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a.manifest
[2011.06.13 21:22:40 | 000,029,264 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winload.efi.mui_35ee487d
[2011.06.13 21:22:40 | 000,029,264 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winload.exe.mui_3bc5b827
[2011.06.13 21:22:40 | 000,026,688 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winresume.efi.mui_f412814e
[2011.06.13 21:22:40 | 000,026,688 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winresume.exe.mui_ff8b5358
[2011.09.23 12:45:34 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_1baec3614eb9d8c1.manifest
[2011.09.23 12:45:34 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_1baec3614eb9d8c1_winload.efi.mui_35ee487d
[2011.09.23 12:45:34 | 000,034,880 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_1baec3614eb9d8c1_winload.exe.mui_3bc5b827
[2011.09.23 12:45:34 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_1baec3614eb9d8c1_winresume.efi.mui_f412814e
[2011.09.23 12:45:34 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_1baec3614eb9d8c1_winresume.exe.mui_ff8b5358
[2011.09.23 12:55:50 | 000,004,338 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2011.09.23 12:55:50 | 000,028,224 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6_winload.efi.mui_35ee487d
[2011.09.23 12:55:50 | 000,028,224 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6_winload.exe.mui_3bc5b827
[2011.09.23 12:55:50 | 000,026,496 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6_winresume.efi.mui_f412814e
[2011.09.23 12:55:50 | 000,026,496 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6_winresume.exe.mui_ff8b5358
[2011.06.23 09:23:18 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.23 09:23:18 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.23 09:23:18 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.23 09:23:18 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.23 09:23:18 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.13 19:30:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a.manifest
[2009.07.13 19:20:24 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_1baec3614eb9d8c1.manifest
[2009.07.13 20:28:54 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_zh-cn_3214161ae4d6b72c.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.16 22:37:20 | 000,001,449 | ---- | M] () -- \Zástupci\Free Rapid Downloader.lnk

< End of report >

Yagami
Visitor
Posts: 30
Registered: 03 Jun 2009 13:52
Location: Tokio 3

Re: Suspected Malware

#11 Post by Yagami »

EXTRAS

OTL Extras logfile created on: 1.7.2012 12:44:26 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Envy\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,26 Gb Available Physical Memory | 65,81% Memory free
16,00 Gb Paging File | 12,96 Gb Available in Paging File | 81,04% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 76,47 Gb Free Space | 32,84% Space Free | Partition Type: NTFS
Drive D: | 4,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 1863,01 Gb Total Space | 805,12 Gb Free Space | 43,22% Space Free | Partition Type: NTFS

Computer Name: PURGATORY | User Name: Envy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-919756733-2594212609-420078527-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{025F99CB-9C56-4FFB-A49F-4EE98465E47C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BF01235-F01D-4292-8C85-4A6D31ADF8F5}" = lport=445 | protocol=6 | dir=in | app=system |
"{10D34037-FEA2-4152-AA19-B9F017186530}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{14D26C89-A888-49DB-8446-52921B5523B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18F5A29D-A2E4-4055-B4EE-8A5DA9E1FA1F}" = rport=139 | protocol=6 | dir=out | app=system |
"{23F01AA2-CF70-4EB4-B1CF-D0E9E6138302}" = rport=445 | protocol=6 | dir=out | app=system |
"{2565C3CA-4695-4D0E-991D-0103C0DE509C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A90125F-2982-4EE8-9530-5BECF79A3DA8}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{2B56316E-2F1E-4C8F-8A79-4F9CB51C7D5C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2F190B88-D9B0-4782-A8D1-877EA8350A4B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{35630F9B-AFBD-46A3-A746-C6224D4E18D6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{381532F6-CC82-457C-B4AB-B2CDB18BFC24}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3C0591E1-49F6-4912-8152-3B349EDA00A9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{42D9AEB4-658D-4DDE-BC76-4AAF26007F6C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{432EC6E0-063C-4A42-9988-F704E7F40E60}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4BA7465D-2144-4A44-9EA1-15AF3386CA64}" = rport=137 | protocol=17 | dir=out | app=system |
"{4D0BDEAC-B6D3-4672-9F3F-D657DD4E7E97}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E54C09F-8D5E-475D-9122-3DB6C27380E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{72E17688-4E6C-404C-B8C8-292458802105}" = rport=138 | protocol=17 | dir=out | app=system |
"{73398924-7837-4B96-AFC9-6F4C1E842B1E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{751CA1FC-61E5-42F9-9051-F6BFFEBB1506}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76C9DC82-AA1D-459B-B546-E44035E3C045}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7E2082E8-2026-4C02-AF37-C7C3DDA7A5BC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{839FFD58-9ED6-483C-826D-F98C360F4FBA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{975EC367-6D98-4885-A47F-999907FDE32D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A3AAE37B-160B-4E1C-AC7C-D43D8DB88764}" = lport=139 | protocol=6 | dir=in | app=system |
"{A4B086B1-F74D-4C6C-8F96-8B8E12B621DB}" = lport=137 | protocol=17 | dir=in | app=system |
"{B7B0FDDB-F190-469E-A9C9-991A426EC328}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF28B3EE-CCBB-4BFE-877A-1A14B51134FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E603548A-3DB5-487C-8455-4660829F5A89}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F41B8677-0A18-467C-868B-72E8E301CBC0}" = lport=138 | protocol=17 | dir=in | app=system |
"{F5228D8C-3E4B-47D8-9BE8-272FDC7F7153}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008CC4C6-FEC5-4F44-A953-AE224A3488D6}" = protocol=6 | dir=in | app=a:\1hry\mass effect\masseffectlauncher.exe |
"{081D9730-18BB-4479-8531-E707979C1ACC}" = protocol=17 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{0B94916F-7D39-4A48-B4B1-C8050CFB3B50}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{11C97E3E-D5BD-4323-969E-5A4F2755B68F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{15F46907-F840-4884-A4D6-1451E510C2B5}" = protocol=6 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{1B5B9912-ED96-40F5-88CA-962726CDC128}" = protocol=17 | dir=in | app=a:\1hry\empire earth iii\ee3.exe |
"{21EDA7AE-96BC-482B-B582-358AAAD4C88A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{22624C5D-1562-4C9D-BBF7-0B65352D6C71}" = protocol=17 | dir=in | app=a:\1hry\ubisoft\assassin's creed revelations\acrmp.exe |
"{276E933A-A582-41E3-933B-1004A34325AB}" = protocol=17 | dir=in | app=a:\1hry\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{28198FE4-816D-436D-ABDD-DEE001D3A0D8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2E2C9AA6-3BF7-4DEE-BEFE-381B791A4D86}" = protocol=17 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{30E8085B-7836-4462-9938-1E86180E91E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{31719CA0-618E-4FF9-860E-0B60790183EF}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{317A8935-D50C-4B26-9657-70C982A850EC}" = protocol=6 | dir=in | app=a:\1hry\ubisoft\assassin's creed revelations\acrmp.exe |
"{32A31C19-2152-4358-B5A8-8B2AAF1C32AF}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{34E4DD3A-4821-47D2-ACBF-0FDD6A42B3DB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{34FE588C-E752-4F78-817E-AF262FB86EE8}" = protocol=17 | dir=in | app=a:\1hry\ubisoft\assassin's creed revelations\acrsp.exe |
"{390A1DE7-7EF0-4847-BBDE-1CF95C936924}" = protocol=6 | dir=in | app=a:\1hry\mass effect\binaries\masseffect.exe |
"{391CAC10-B4EE-4988-803C-FA0570B99162}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{3A80A472-D8C7-404E-9FF7-1F5E6E7D1BF9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{3AEEFB73-542E-4F48-8C91-3C400A894B1F}" = protocol=6 | dir=in | app=a:\1hry\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{3B41FBA3-97C9-4662-B995-A15828A8CDD9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{40ADD5F1-3ABF-465E-AA00-28FE9F20ECD2}" = protocol=6 | dir=in | app=a:\1hry\mass effect 2\masseffect2launcher.exe |
"{4325E554-B4A1-43AC-A33F-32CF34EA9575}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C714B67-3557-413F-9AD9-A9B619646228}" = protocol=17 | dir=in | app=a:\1hry\mass effect 2\binaries\masseffect2.exe |
"{4CC94EC5-0A5C-426E-95A4-E153EDF9B047}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{509052A1-7A4E-44FA-AA74-D2E67A38426E}" = protocol=17 | dir=in | app=a:\1hry\dungeon siege 2\dungeonsiege2.exe |
"{55D954D7-4CBD-4C40-A74E-A078AF4EF099}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A911523-CBB6-4EC8-8131-59AFAB9F68F0}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{6043D52A-685E-446B-8DA5-C8D849F70388}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{621B08A3-53E0-4D55-ABFE-381113D94501}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6272A72F-324F-4D41-BBBD-E2D1E704579B}" = protocol=17 | dir=in | app=a:\1hry\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{657DCC7A-3FDB-4D41-AD79-289602783257}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{68D1AD42-9D23-4EC5-A050-06B9CD14E3DA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6E36EC63-A725-4B90-BC5A-6169C890E829}" = protocol=17 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{6FD63805-937F-4DE1-86C1-400EDEF46136}" = protocol=6 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{705A2C78-94C8-414A-96DD-99291577FCDC}" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"{7142A968-1463-418E-B480-E5A178EE9962}" = protocol=17 | dir=in | app=a:\1hry\mass effect\masseffectlauncher.exe |
"{7272EE53-3AAA-486A-8873-9E87F931220E}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{74BF27F3-8EFC-4170-A09C-3BC9C6786832}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{77F4EBD6-1158-4A2C-B46A-8CFA142509E5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7B44557F-5ED6-418D-BD86-1CD58E997EAE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{80E9D370-0CC6-47E3-B48B-5E38E765082B}" = protocol=17 | dir=in | app=a:\1hry\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{817D5E70-7AF0-4A28-AA14-71ECAAE3A47D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{88D0FE71-ECF8-4150-9824-4D2F2862020E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{8C83807F-A091-417F-A06C-04D87CDE4C98}" = protocol=17 | dir=in | app=c:\users\envy\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{8DAE336C-8E15-4256-8B52-C791D08D9678}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{939F913C-643A-439B-B43F-F2C02CFE2160}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{96ACAB8D-E614-44C3-9EE9-12F9CAD79754}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9987C3DC-732B-49DA-AEA2-76442273FAA9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9DA172A2-B058-467B-BF1A-6478CA80509B}" = protocol=17 | dir=in | app=a:\1hry\mass effect\binaries\masseffect.exe |
"{9FFDA001-4049-4825-A7CF-C2C1133507D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A21146ED-3151-4D51-81F5-11B321D70AB9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A245CE22-F1B2-4DA1-AA4B-421ED40B8FF2}" = protocol=6 | dir=out | app=system |
"{A2E7F861-B9FE-439F-8F9D-EED656BAE88C}" = protocol=6 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{A3F7FB16-90B4-4B4A-8A76-9BC5E85D3490}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{A479E3D6-40BF-43FB-998B-19C5D9B58115}" = protocol=6 | dir=in | app=a:\1hry\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{A9C1520B-F286-4034-AFDA-667D0D956227}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{AC91364F-9690-48D1-AC8A-EDF3989113E0}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B2259CAE-479F-4821-B5B8-A3FBCC2803FA}" = protocol=6 | dir=in | app=a:\1hry\dungeon siege 2\dungeonsiege2.exe |
"{B716DA76-5D25-4AEF-9EB5-946B3DA79153}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{BA4E14C8-1A34-46F0-A502-6260AC660BDC}" = protocol=6 | dir=in | app=a:\1hry\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{BD9E5104-23D7-48EE-9BAE-11A6AC20EF7E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C0217B95-F8C9-4504-88E7-892BE4E10371}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C17EB3CC-0417-4B51-9B94-B42EEE0D64E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C4E98AF3-4BE7-46CD-9CCC-D32D238D7762}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{C5E63A7E-AFF2-41C8-B86C-7509907EDEAA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C962372A-3F2A-446B-9E72-EAE94E58864F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D03EFDC8-4F14-4DEC-BBF0-A77259F31436}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D8B28CF2-F6CE-42E8-8092-A2391F8F4DDD}" = protocol=17 | dir=in | app=a:\1hry\mass effect 2\masseffect2launcher.exe |
"{D8CE5F01-F4BF-47EA-B015-1D8F57497656}" = protocol=17 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{D91BEF13-6696-4604-A5F6-9F71B1D30EC6}" = protocol=6 | dir=in | app=a:\1hry\ubisoft\assassin's creed revelations\acrsp.exe |
"{E1936FC4-11CB-4CD9-8604-A810D1859744}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{E57B2219-811E-4494-9401-447269284DFD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7D30A4B-DCF6-4269-A070-291DC88C0EA8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{F1B2242F-1D41-4BAF-AEED-BACD80009597}" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"{F6EA9041-F6C8-4C4B-9525-A2CA48FEE13C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{FBE1F204-7663-4F1E-BFC2-73F7F8B434B3}" = protocol=6 | dir=in | app=a:\1hry\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{FD5F2F4B-1CEB-40AC-9484-0F7866A3B646}" = protocol=6 | dir=in | app=c:\users\envy\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{FED1BD57-8794-4337-AB3E-F2B98AE863A2}" = protocol=6 | dir=in | app=a:\1hry\mass effect 2\binaries\masseffect2.exe |
"{FFC68883-0358-4AC1-B439-36D279477A3C}" = protocol=6 | dir=in | app=a:\1hry\empire earth iii\ee3.exe |
"TCP Query User{10F6DEE0-D349-41E5-8401-5C4E3545248C}C:\users\envy\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\envy\appdata\local\temp\gw2.exe |
"TCP Query User{1C48246B-FAB4-4093-B49A-47C84B785D58}A:\1hry\warcraft iii\war3.exe" = protocol=6 | dir=in | app=a:\1hry\warcraft iii\war3.exe |
"TCP Query User{20B9783E-F32E-48AC-8CE4-2F303E80935B}C:\program files (x86)\kvirc\kvirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kvirc\kvirc.exe |
"TCP Query User{25682AB1-A9EB-423C-A40D-CC3D2301F516}A:\1hry\world_of_tankstest\wotlauncher.exe" = protocol=6 | dir=in | app=a:\1hry\world_of_tankstest\wotlauncher.exe |
"TCP Query User{2DBBA3FD-E1B0-4346-B858-8EC545D9C7CF}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{33AF6297-7FB5-4E2E-AFF4-0CEC41D062BB}A:\1hry\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=a:\1hry\world_of_tanks\wotlauncher.exe |
"TCP Query User{4AD32372-5FEF-4857-88FC-5FD41B3BA3B9}C:\users\envy\downloads\openttd-0-7-5-windows-win32\openttd-0.7.5-windows-win32\openttd.exe" = protocol=6 | dir=in | app=c:\users\envy\downloads\openttd-0-7-5-windows-win32\openttd-0.7.5-windows-win32\openttd.exe |
"TCP Query User{5E160A57-40A6-4053-818D-07649BCC9F1F}A:\1hry\world_of_tankstest\worldoftanks.exe" = protocol=6 | dir=in | app=a:\1hry\world_of_tankstest\worldoftanks.exe |
"TCP Query User{60482992-90A3-49CB-9A81-511967120D61}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{61197D5D-8526-4DBE-9B64-4A7FAF621312}A:\1hry\thq\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=a:\1hry\thq\company of heroes\reliccoh.exe |
"TCP Query User{61C8064C-49C1-4EA5-A5AF-E1DE9EFD2D6B}A:\1hry\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=a:\1hry\world_of_tanks\worldoftanks.exe |
"TCP Query User{6CCF2D1C-1DB0-46A3-ACFC-240B276A612D}A:\1hry\square enix\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=a:\1hry\square enix\dead island\deadislandgame.exe |
"TCP Query User{7345EBBB-45B6-40CC-BD0A-77B48911B0D4}C:\program files (x86)\gog.com\empire earth gold edition\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gog.com\empire earth gold edition\empire earth\empire earth.exe |
"TCP Query User{A8C7614C-A4BE-47E4-A591-8F872A9D3E1B}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{C06FDB05-1E1D-4511-B338-7FD8488A300C}A:\1hry\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=a:\1hry\guild wars 2\gw2.exe |
"TCP Query User{C72D94C0-BF61-4BAB-962F-2A960D0D6FF6}A:\1hry\reckoning\reckoning.exe" = protocol=6 | dir=in | app=a:\1hry\reckoning\reckoning.exe |
"TCP Query User{D1E0A6A7-38FE-45FB-AC29-8F789F722C68}A:\1hry\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=a:\1hry\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{E97028B5-2908-4AFF-B7ED-3441E52C3525}A:\1hry\terraria 1.1\terrariaserver.exe" = protocol=6 | dir=in | app=a:\1hry\terraria 1.1\terrariaserver.exe |
"TCP Query User{EA9224F2-5E23-4DFA-A737-42D0677ECFD9}A:\1hry\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=a:\1hry\thq\saints row the third\saintsrowthethird_dx11.exe |
"TCP Query User{FF5294DF-B404-4325-989A-95B0F6F3EAED}C:\program files (x86)\steam\steamapps\envylust\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\envylust\team fortress 2\hl2.exe |
"UDP Query User{23AB312B-F358-4872-8215-1FFF7EA8EF7C}A:\1hry\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=a:\1hry\world_of_tanks\wotlauncher.exe |
"UDP Query User{26BED622-EA91-4F9F-9033-AF1B5835AA9E}A:\1hry\world_of_tankstest\wotlauncher.exe" = protocol=17 | dir=in | app=a:\1hry\world_of_tankstest\wotlauncher.exe |
"UDP Query User{28459983-EC3F-4DD3-BE0B-5CDEF5B3EF43}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{49076465-E340-4E91-A0EA-004DF209140E}C:\users\envy\downloads\openttd-0-7-5-windows-win32\openttd-0.7.5-windows-win32\openttd.exe" = protocol=17 | dir=in | app=c:\users\envy\downloads\openttd-0-7-5-windows-win32\openttd-0.7.5-windows-win32\openttd.exe |
"UDP Query User{4F1B8EDA-1415-4721-A4FE-48A5096FE091}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{61E1782C-B28E-413F-9F62-204469C4E4E6}A:\1hry\square enix\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=a:\1hry\square enix\dead island\deadislandgame.exe |
"UDP Query User{6C8CA154-864F-4879-A332-3B4726A049B8}C:\users\envy\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\envy\appdata\local\temp\gw2.exe |
"UDP Query User{754B4109-1F92-42BC-93EB-3BF2BA52567B}A:\1hry\world_of_tankstest\worldoftanks.exe" = protocol=17 | dir=in | app=a:\1hry\world_of_tankstest\worldoftanks.exe |
"UDP Query User{8B556CE1-5E6B-4A68-90D0-0705BE435C8D}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"UDP Query User{8D34318A-5955-4D21-B518-00920B50D9F7}C:\program files (x86)\gog.com\empire earth gold edition\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gog.com\empire earth gold edition\empire earth\empire earth.exe |
"UDP Query User{8DD0B51B-0200-4AAF-9CC7-3ED9F748BD7D}A:\1hry\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=a:\1hry\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{8E76F283-5626-4E64-ABD9-B0DB02442E9D}A:\1hry\reckoning\reckoning.exe" = protocol=17 | dir=in | app=a:\1hry\reckoning\reckoning.exe |
"UDP Query User{A0B682C0-6BA7-4E6D-AB10-1EAAC8467211}A:\1hry\terraria 1.1\terrariaserver.exe" = protocol=17 | dir=in | app=a:\1hry\terraria 1.1\terrariaserver.exe |
"UDP Query User{A84E067C-983A-49A8-AC7D-9B353ED8D2C8}A:\1hry\warcraft iii\war3.exe" = protocol=17 | dir=in | app=a:\1hry\warcraft iii\war3.exe |
"UDP Query User{D3268914-3138-4FEA-B494-7B585D31F24B}C:\program files (x86)\kvirc\kvirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kvirc\kvirc.exe |
"UDP Query User{D4A41872-C0BA-4F84-8A8F-E4E746199630}A:\1hry\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=a:\1hry\guild wars 2\gw2.exe |
"UDP Query User{D8B32051-9837-432E-9637-A0A0B8637126}A:\1hry\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=a:\1hry\thq\saints row the third\saintsrowthethird_dx11.exe |
"UDP Query User{DBD5DBBD-EAF6-4C37-A214-FF0174308D5C}A:\1hry\thq\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=a:\1hry\thq\company of heroes\reliccoh.exe |
"UDP Query User{F703A487-6D22-4F58-9816-62075D64C084}C:\program files (x86)\steam\steamapps\envylust\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\envylust\team fortress 2\hl2.exe |
"UDP Query User{FCD46CA8-3B42-422D-93BC-01EB329D5BF0}A:\1hry\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=a:\1hry\world_of_tanks\worldoftanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{33CF8D2C-0430-2949-FD8F-695C97C472C5}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}" = WMV9/VC-1 Video Playback
"{B95653AB-0E7F-204A-3226-17E9F38E6951}" = AMD Drag and Drop Transcoding
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"TNod" = TNod User & Password Finder
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}" = Arcanum
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.3
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C8CT}_is1" = World of Tanks v.0.7.3_CT
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.03
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = SPEEDLINK Strike 2 Gamepad
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018302}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018303}" = Fable III
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8F6FE1DC-E868-B38A-07E5-897508745128}" = ccc-core-static
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{95723791-2C44-454B-9220-C65D47D70E9C}" = WEBZEN Browser Extension
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A126E617-63F0-4E57-BFA4-7190F5845C39}" = Guitar Hero World Tour
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Cestovní horečka
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Domácí mazlíčci
"{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}" = FlatOut2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D323A4C4-A02D-4B8C-AE50-DFAE5BC8C7F0}_is1" = Monotea SMS Posílač 3 verze 3.15
"{D3D867DD-6C81-E695-4FFE-BE921DF44931}" = Catalyst Control Center Graphics Previews Common
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = OSCAR Editor
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Hrátky osudu
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F08A1CA0-55A7-8244-3A05-7431447CE9BA}" = CCC Help English
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.065
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AviSynth" = AviSynth 2.5
"Bastion_is1" = Bastion
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Company of Heroes" = Company of Heroes
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DungeonSiege2" = Dungeon Siege 2
"Empire Earth Gold Edition_is1" = Empire Earth Gold Edition
"Fraps" = Fraps (remove only)
"Guild Wars 2" = Guild Wars 2
"Hamachi" = Hamachi 1.0.2.5
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Insaniquarium Deluxe 1.0" = Insaniquarium Deluxe 1.0
"InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}" = Anti-Vibrate Oscar Editor
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.6.0 (Full)
"KVIrc" = KVIrc
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 cs)" = Mozilla Firefox 13.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP4 to MP3 Converter 3" = MP4 to MP3 Converter 3
"Mumble" = Mumble and Murmur
"Opera 11.64.1403" = Opera 11.64
"Origin" = Origin
"PlugY, The Survival Kit" = PlugY, The Survival Kit
"PowerISO" = PowerISO
"Ps&Ps2 To Usb" = Ps&Ps2 To Usb
"PSPVC" = PSPVC :: PSP Video Converter v3.91
"PunkBusterSvc" = PunkBuster Services
"ReNamer_is1" = ReNamer
"Saints Row The Third_is1" = Saints Row The Third
"Steam App 440" = Team Fortress 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204
"Totalcmd" = Total Commander (Remove or Repair)
"Tyrian 2000_is1" = Tyrian 2000
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"Vessel_is1" = Vessel
"Viva Pinata CZ" = Viva Pinata CZ
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"XnView_is1" = XnView 1.98.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-919756733-2594212609-420078527-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Tropico 4" = Tropico 4 1.00
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.6.2012 9:24:44 | Computer Name = Purgatory | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 21.6.2012 6:00:04 | Computer Name = Purgatory | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 23.6.2012 9:40:05 | Computer Name = Purgatory | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Arcanum.exe, verze: 1.0.7.4, časové razítko:
0x3bb4bcf3 Název chybujícího modulu: Arcanum.exe, verze: 1.0.7.4, časové razítko:
0x3bb4bcf3 Kód výjimky: 0xc0000005 Posun chyby: 0x00123e1e ID chybujícího procesu:
0x146c Čas spuštění chybující aplikace: 0x01cd5145760c043a Cesta k chybující aplikaci:
A:\Sierra\Arcanum\Arcanum.exe Cesta k chybujícímu modulu: A:\Sierra\Arcanum\Arcanum.exe
ID
zprávy: f04a1d7d-bd38-11e1-8d99-00241ddf4e6e

Error - 23.6.2012 20:48:02 | Computer Name = Purgatory | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 24.6.2012 8:14:35 | Computer Name = Purgatory | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dungeon Siege III.exe, verze: 1.0.0.0, časové
razítko: 0x4dc8dd8c Název chybujícího modulu: Dungeon Siege III.exe, verze: 1.0.0.0,
časové razítko: 0x4dc8dd8c Kód výjimky: 0xc0000005 Posun chyby: 0x001c1b75 ID chybujícího
procesu: 0x1318 Čas spuštění chybující aplikace: 0x01cd5202dff32dc1 Cesta k chybující
aplikaci: A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe Cesta k chybujícímu modulu:
A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe ID zprávy: 28f6eedd-bdf6-11e1-b221-00241ddf4e6e

Error - 24.6.2012 8:15:17 | Computer Name = Purgatory | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dungeon Siege III.exe, verze: 1.0.0.0, časové
razítko: 0x4dc8dd8c Název chybujícího modulu: Dungeon Siege III.exe, verze: 1.0.0.0,
časové razítko: 0x4dc8dd8c Kód výjimky: 0xc0000005 Posun chyby: 0x001c1b75 ID chybujícího
procesu: 0xc14 Čas spuštění chybující aplikace: 0x01cd5202fefeb740 Cesta k chybující
aplikaci: A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe Cesta k chybujícímu modulu:
A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe ID zprávy: 421f6d0a-bdf6-11e1-b221-00241ddf4e6e

Error - 24.6.2012 8:16:28 | Computer Name = Purgatory | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dungeon Siege III.exe, verze: 1.0.0.0, časové
razítko: 0x4dc8dd8c Název chybujícího modulu: Dungeon Siege III.exe, verze: 1.0.0.0,
časové razítko: 0x4dc8dd8c Kód výjimky: 0xc0000005 Posun chyby: 0x001c1b75 ID chybujícího
procesu: 0xf9c Čas spuštění chybující aplikace: 0x01cd520328fd73eb Cesta k chybující
aplikaci: A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe Cesta k chybujícímu modulu:
A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe ID zprávy: 6c82924d-bdf6-11e1-b221-00241ddf4e6e

Error - 24.6.2012 8:17:06 | Computer Name = Purgatory | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dungeon Siege III.exe, verze: 1.0.0.0, časové
razítko: 0x4dc8dd8c Název chybujícího modulu: Dungeon Siege III.exe, verze: 1.0.0.0,
časové razítko: 0x4dc8dd8c Kód výjimky: 0xc0000005 Posun chyby: 0x001c1b75 ID chybujícího
procesu: 0xc1c Čas spuštění chybující aplikace: 0x01cd52033f87bdc8 Cesta k chybující
aplikaci: A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe Cesta k chybujícímu modulu:
A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe ID zprávy: 82b740da-bdf6-11e1-b221-00241ddf4e6e

Error - 24.6.2012 8:18:51 | Computer Name = Purgatory | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dungeon Siege III.exe, verze: 1.0.0.0, časové
razítko: 0x4dc8dd8c Název chybujícího modulu: Dungeon Siege III.exe, verze: 1.0.0.0,
časové razítko: 0x4dc8dd8c Kód výjimky: 0xc0000005 Posun chyby: 0x001c1b75 ID chybujícího
procesu: 0x3f4 Čas spuštění chybující aplikace: 0x01cd52037e404343 Cesta k chybující
aplikaci: A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe Cesta k chybujícímu modulu:
A:\1Hry\Dungeon Siege III\Dungeon Siege III.exe ID zprávy: c1660230-bdf6-11e1-b221-00241ddf4e6e

Error - 1.7.2012 1:43:12 | Computer Name = Purgatory | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

[ System Events ]
Error - 25.6.2012 22:40:51 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 26.6.2012 9:13:20 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 26.6.2012 22:51:47 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 27.6.2012 15:00:25 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 27.6.2012 22:31:52 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 28.6.2012 14:19:56 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 28.6.2012 22:29:56 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 29.6.2012 11:30:17 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 29.6.2012 17:04:22 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 30.6.2012 7:45:19 | Computer Name = Purgatory | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Suspected Malware

#12 Post by vyosek »

:arrow: Sooooo, enough fairy tales - Windows and NOD are both illegal :evil:

Do you have any explanation for that? :???: :x
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

Yagami
Visitor
Posts: 30
Registered: 03 Jun 2009 13:52
Location: Tokio 3

Re: Suspected Malware

#13 Post by Yagami »

I didn't install Windows or NOD myself, and I was told they were genuine, so I didn't look into it any further. Does that change anything about my situation with that vermin?

In any case, it's fascinating how much can be found out from such a pile of text. :thumbsup:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Suspected Malware

#14 Post by vyosek »

The forum rules speak quite clearly - we do not support illegal software here
Help is NOT allowed:
2) If the user's machine demonstrably contains illegal host or protective software
(operating system, antivirus, firewall, etc.), the user must be guided towards a remedy, e.g. through free software,
and the problem is to be dealt with only once the PC is "in order". If the user does not want to accept the rules,
they must be asked to leave the forum and come back once they comply.

Yagami
Visitor
Posts: 30
Registered: 03 Jun 2009 13:52
Location: Tokio 3

Re: Suspected Malware

#15 Post by Yagami »

I see. Well, maybe some other time then. Thanks for the help anyway.
