Logfile of random's system information tool 1.09 (written by random/random)
Run by Tibor at 2012-10-29 14:35:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 11 GB (27%) free of 40 GB
Total RAM: 3835 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:30, on 29.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Programy\Altap Salamander 2.5\SALAMAND.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files\trend micro\Tibor.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... 1845085360
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tibor\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_AC6BA38D93F1AC4E3AE5980B6FA8794A] "C:\Users\Tibor\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - D:\Programy\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8370 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26416832
\??\C:\Windows\system32\conhost.exe "-80851173803254116-13902276351063993078-14426613919539784271299543531570891234
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"D:\Programy\OO Software\Defrag\oodag.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"D:\Programy\OO Software\Defrag\oodtray.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"
"D:\Programy\Altap Salamander 2.5\SALAMAND.exe"
"C:\Windows\system32\NOTEPAD.EXE" D:\seznam\nStreamLmod_2.1\nStreamLmod_2.1\start.xml
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3548.ba8a500.2037351504 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3548 "\\.\pipe\gecko-crash-server-pipe.3548" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --proxy-stub-channel=Flash4268.6B473AA0.41 --host-broker-channel=Flash4268.6B473AA0.18467 --host-pid=4268 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --channel=2772.0014F7D8.1013382594 --proxy-stub-channel=Flash4268.6B473AA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {0CB81E0D-0263-4701-8645-8E08710CEE93}
"D:\Film\Ostatni\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default
prefs.js - "browser.startup.homepage" - "http://search.orbitdownloader.com"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_ss ... abTrack&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files (x86)\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=d:\Programy\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\
anttoolbar@ant.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\searchplugins\
Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-05 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2012-07-27 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-05 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-24 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2012-07-27 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"OODefragTray"=D:\Programy\OO Software\Defrag\oodtray.exe [2012-09-14 7060848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
""= []
"AdobeBridge"= []
"Google Update"=C:\Users\Tibor\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 116648]
"GoogleChromeAutoLaunch_AC6BA38D93F1AC4E3AE5980B6FA8794A"=C:\Users\Tibor\AppData\Local\Google\Chrome\Application\chrome.exe [2012-10-10 1239064]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-08 343168]
"AllShareAgent"=C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O&O Defrag Tray.lnk - C:\Windows\Installer\{07D8F982-2B93-4805-B15D-7569023A394D}\DefragIcon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-10-29 14:35:16 ----D---- C:\rsit
2012-10-29 14:35:16 ----D---- C:\Program Files\trend micro
2012-10-27 05:55:55 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-20 17:16:03 ----D---- C:\Users\Tibor\AppData\Roaming\ProgSense
2012-10-20 17:15:57 ----D---- C:\Users\Tibor\AppData\Roaming\GrabPro
2012-10-20 17:15:57 ----D---- C:\downloads
2012-10-20 17:15:04 ----D---- C:\Users\Tibor\AppData\Roaming\Orbit
2012-10-20 14:13:36 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-10-20 14:13:36 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-10-20 14:13:36 ----A---- C:\Windows\SYSWOW64\java.exe
2012-10-16 10:11:54 ----D---- C:\Users\Tibor\AppData\Roaming\HateML
2012-10-11 08:52:40 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-11 08:52:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-11 08:52:40 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 08:52:40 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 08:52:40 ----A---- C:\Windows\system32\crypt32.dll
2012-10-11 08:52:39 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-11 08:52:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 08:52:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-11 08:52:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-11 08:52:22 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 08:52:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-11 08:52:21 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 08:52:20 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-11 08:52:20 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 08:52:09 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 08:52:09 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 08:52:09 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 08:52:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-11 08:52:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-11 08:52:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-11 08:52:08 ----A---- C:\Windows\system32\wow64.dll
2012-10-11 08:52:08 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 08:52:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 08:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 08:52:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-11 08:52:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-11 08:52:07 ----A---- C:\Windows\system32\wow64win.dll
2012-10-11 08:52:07 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-11 08:52:07 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 08:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 08:52:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 08:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 08:52:04 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 08:52:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-11 08:52:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 08:52:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 08:52:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-11 08:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 08:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 08:52:02 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-11 08:51:40 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-11 08:51:40 ----A---- C:\Windows\system32\tzres.dll
2012-10-09 18:16:57 ----D---- C:\Program Files\Common Files\DESIGNER
2012-10-09 18:16:23 ----D---- C:\Windows\PCHEALTH
2012-10-09 18:14:11 ----D---- C:\Program Files\Microsoft Analysis Services
2012-10-09 18:14:11 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-10-09 18:13:58 ----D---- C:\Program Files (x86)\Microsoft Office
2012-10-08 18:07:11 ----A---- C:\Windows\AutoKMS.exe
2012-10-06 08:14:12 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-10-06 08:14:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-10-06 08:14:12 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-10-06 08:14:12 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-10-06 08:14:10 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-10-06 08:14:10 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-10-06 08:05:55 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-10-06 08:05:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-10-06 08:05:55 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-10-06 08:05:55 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-10-06 08:05:54 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-10-06 08:05:54 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-10-06 08:05:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-10-06 08:05:52 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-10-06 08:05:51 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-10-06 08:05:51 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-10-06 08:05:50 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-10-06 08:05:50 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-10-06 08:05:48 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-10-06 08:05:48 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-10-06 08:05:47 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-10-06 08:05:47 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-10-06 08:05:45 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-10-06 08:05:45 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-10-06 08:05:45 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-10-06 08:05:45 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-10-06 08:05:44 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-10-06 08:05:44 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-10-06 08:05:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-10-06 08:05:43 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-10-06 08:05:41 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-10-06 08:05:41 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-10-06 08:05:39 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-10-06 08:05:39 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-10-06 08:05:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-10-06 08:05:38 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-10-06 08:05:36 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-10-06 08:05:36 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-10-06 08:05:34 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-10-06 08:05:34 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-10-06 08:05:33 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-10-06 08:05:33 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-10-06 08:05:32 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-10-06 08:05:32 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-10-06 08:05:30 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2012-10-06 08:05:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2012-10-06 08:05:30 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-10-06 08:05:30 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-10-06 08:05:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-10-06 08:05:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-10-06 08:05:26 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-10-06 08:05:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-10-06 08:05:26 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-10-06 08:05:26 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-10-06 08:05:25 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-10-06 08:05:25 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-10-06 08:05:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-10-06 08:05:23 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-10-06 08:05:17 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-10-06 08:05:17 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-10-06 08:05:17 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-10-06 08:05:17 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-10-06 08:05:16 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-10-06 08:05:16 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-10-06 08:05:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-10-06 08:05:15 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-10-06 08:05:14 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-10-06 08:05:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-10-06 08:05:14 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-10-06 08:05:14 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-10-06 08:05:13 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-10-06 08:05:13 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-10-06 08:05:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-10-06 08:05:13 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-10-06 08:05:13 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-10-06 08:05:13 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-10-06 08:05:12 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-10-06 08:05:12 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-10-06 08:05:11 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-10-06 08:05:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-10-06 08:05:11 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-10-06 08:05:11 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-10-06 08:05:10 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-10-06 08:05:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-10-06 08:05:10 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-10-06 08:05:10 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-10-06 08:05:09 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-10-06 08:05:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-10-06 08:05:09 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-10-06 08:05:09 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-10-06 08:05:07 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-10-06 08:05:07 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-10-06 08:05:06 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-10-06 08:05:06 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-10-06 08:05:05 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-10-06 08:05:05 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-10-06 08:05:05 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-10-06 08:05:05 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-10-06 08:05:04 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-10-06 08:05:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-10-06 08:05:04 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-10-06 08:05:04 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-10-06 08:05:03 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-10-06 08:05:03 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-10-06 08:05:03 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-10-06 08:05:03 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-10-06 08:05:00 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-10-06 08:05:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-10-06 08:05:00 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-10-06 08:05:00 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-10-06 08:04:59 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-10-06 08:04:59 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-10-06 08:04:58 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-10-06 08:04:58 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-10-06 08:04:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-10-06 08:04:58 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-10-06 08:04:58 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-10-06 08:04:58 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-10-06 08:04:57 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-10-06 08:04:57 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-10-06 08:04:56 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-10-06 08:04:56 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-10-06 08:04:56 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-10-06 08:04:56 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-10-06 08:04:55 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-10-06 08:04:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-10-06 08:04:55 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-10-06 08:04:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-10-06 08:04:54 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-10-06 08:04:54 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-10-06 08:04:54 ----A---- C:\Windows\system32\xinput1_3.dll
2012-10-06 08:04:54 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-10-06 08:04:53 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-10-06 08:04:53 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-10-06 08:04:52 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-10-06 08:04:52 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-10-06 08:04:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-10-06 08:04:52 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-10-06 08:04:52 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-10-06 08:04:52 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-10-06 08:04:51 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-10-06 08:04:51 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-10-06 08:04:50 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-10-06 08:04:50 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-10-06 08:04:49 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-10-06 08:04:49 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-10-06 08:04:49 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-10-06 08:04:49 ----A---- C:\Windows\system32\d3dx10.dll
2012-10-06 08:04:48 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-10-06 08:04:48 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-10-06 08:04:48 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-10-06 08:04:48 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-10-06 08:04:47 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-10-06 08:04:47 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-10-06 08:04:46 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-10-06 08:04:46 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-10-06 08:04:46 ----A---- C:\Windows\system32\xinput1_2.dll
2012-10-06 08:04:46 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-10-06 08:04:45 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-10-06 08:04:45 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-10-06 08:02:12 ----D---- C:\Windows\SYSWOW64\directx
2012-10-06 07:55:13 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-10-06 07:55:13 ----A---- C:\Windows\system32\xinput1_1.dll
2012-10-06 07:55:11 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-10-06 07:55:11 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-10-06 07:54:59 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-10-06 07:54:59 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-10-06 07:54:57 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-10-06 07:54:57 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-10-06 07:54:57 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-10-06 07:54:57 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-10-06 07:54:55 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-10-06 07:54:55 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-10-06 07:54:54 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-10-06 07:54:54 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-10-06 07:54:52 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-10-06 07:54:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-10-06 07:54:50 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-10-06 07:54:50 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-10-06 07:54:49 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-10-06 07:54:49 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-10-06 07:54:47 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-10-06 07:54:47 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-10-01 09:50:48 ----D---- C:\Users\Tibor\AppData\Roaming\HD Video Converter
======List of files/folders modified in the last 1 month======
2012-10-29 14:35:16 ----RD---- C:\Program Files
2012-10-29 14:32:38 ----D---- C:\Windows\Temp
2012-10-29 14:26:33 ----D---- C:\Users\Tibor\AppData\Roaming\DAEMON Tools Lite
2012-10-29 14:26:21 ----D---- C:\Windows\Logs
2012-10-29 14:26:21 ----D---- C:\Windows\inf
2012-10-29 14:26:21 ----D---- C:\Windows\debug
2012-10-29 14:26:21 ----D---- C:\Windows
2012-10-29 14:01:52 ----D---- C:\Windows\Tasks
2012-10-29 13:14:28 ----D---- C:\Windows\system32\config
2012-10-29 09:42:36 ----D---- C:\Windows\System32
2012-10-29 09:42:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-28 10:48:56 ----SHD---- C:\System Volume Information
2012-10-28 06:15:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-27 14:51:01 ----D---- C:\Users\Tibor\AppData\Roaming\vlc
2012-10-27 14:18:35 ----RD---- C:\Program Files (x86)
2012-10-27 13:10:22 ----D---- C:\Windows\SysWOW64
2012-10-27 13:08:27 ----D---- C:\Program Files (x86)\TVersity Codec Pack
2012-10-27 13:08:22 ----D---- C:\Windows\Prefetch
2012-10-27 13:06:35 ----AD---- C:\ProgramData\TEMP
2012-10-25 18:50:06 ----SHD---- C:\Windows\Installer
2012-10-20 17:04:49 ----D---- C:\Users\Tibor\AppData\Roaming\Adobe
2012-10-20 17:04:34 ----D---- C:\Program Files (x86)\Adobe
2012-10-20 14:13:35 ----D---- C:\Program Files (x86)\Java
2012-10-17 19:36:19 ----RSD---- C:\Windows\assembly
2012-10-17 18:28:07 ----D---- C:\Windows\system32\catroot2
2012-10-16 21:28:06 ----D---- C:\Windows\rescache
2012-10-14 17:32:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-10-14 17:06:45 ----D---- C:\Windows\system32\Tasks
2012-10-11 10:24:56 ----D---- C:\Windows\winsxs
2012-10-11 10:08:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-10-11 10:08:43 ----D---- C:\Windows\system32\drivers
2012-10-11 10:08:43 ----D---- C:\Windows\system32\cs-CZ
2012-10-11 10:08:43 ----D---- C:\Windows\AppPatch
2012-10-11 08:54:54 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 08:52:16 ----D---- C:\Windows\system32\catroot
2012-10-10 07:41:42 ----D---- C:\ProgramData\Microsoft Help
2012-10-10 07:38:44 ----SD---- C:\ProgramData\Microsoft
2012-10-09 20:10:45 ----D---- C:\Windows\Microsoft.NET
2012-10-09 18:40:30 ----SD---- C:\Users\Tibor\AppData\Roaming\Microsoft
2012-10-09 18:17:02 ----RSD---- C:\Windows\Fonts
2012-10-09 18:16:57 ----D---- C:\Program Files\Common Files
2012-10-09 18:16:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-10-09 18:16:23 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-10-09 18:14:21 ----D---- C:\Windows\ShellNew
2012-10-09 17:54:35 ----D---- C:\Program Files (x86)\Common Files
2012-10-08 18:08:27 ----D---- C:\ProgramData\AutoKMS
2012-10-08 17:54:54 ----D---- C:\ProgramData\DAEMON Tools Lite
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-11 560184]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-28 270912]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2011-01-26 30312]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-07-27 4171328]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
S1 MpKsl1a67b0d3;MpKsl1a67b0d3; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E0476083-4573-44A4-9D65-C19F93976733}\MpKsl1a67b0d3.sys []
S3 a1ul57t5;a1ul57t5; C:\Windows\system32\drivers\a1ul57t5.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2011-05-28 44480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-21 202752]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-08 361984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 OODefragAgent;O&O Defrag; D:\Programy\OO Software\Defrag\oodag.exe [2012-09-14 2552176]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-07-27 194032]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-27 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu, děkuji.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu, děkuji.
Zdravim 
Co ten crack na Office?
Pokud chcete log prohlednout, odinstalujte Office a pak sem dejte logy z OTL
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Co ten crack na Office?
Pokud chcete log prohlednout, odinstalujte Office a pak sem dejte logy z OTL
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, děkuji.
Odinstaloval jsem spoust nesmyslů co jsem nepořeboval, spustil soubor podle návodu. Bohužel sken se nedokončil viz obr.otl.jpg.
- Přílohy
-
- otl.jpg (41.53 KiB) Zobrazeno 659 x
Re: Prosím o kontrolu, děkuji.
Program zustal vytuhlý v tomto stavu viz obr. otl1.jpg zatím ho nechávám spuštěný, ale nic se vůbec neděje už 15 min.
- Přílohy
-
- otl1.jpg (35.64 KiB) Zobrazeno 659 x
Re: Prosím o kontrolu, děkuji.
Tuto chybu OTL obcas vyhodi. Zkuste to tedy jeste jednou, ale tentokrat s timto upravenym skriptem
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /sPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, děkuji.
OTL logfile created on: 30.10.2012 14:30:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tibor\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,75 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 61,75% Memory free
7,49 Gb Paging File | 5,82 Gb Available in Paging File | 77,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,95 Gb Total Space | 10,85 Gb Free Space | 27,85% Space Free | Partition Type: NTFS
Drive D: | 426,70 Gb Total Space | 43,70 Gb Free Space | 10,24% Space Free | Partition Type: NTFS
Computer Name: TIBOR-PC | User Name: Tibor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.30 14:27:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tibor\Desktop\OTL.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012.03.01 22:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012.10.10 11:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012.10.10 11:06:13 | 012,435,992 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012.10.10 11:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012.10.10 11:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012.10.10 11:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012.10.10 11:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012.10.10 11:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012.10.10 11:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012.08.20 05:54:40 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
MOD - [2012.08.20 05:51:57 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012.08.20 05:42:09 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012.08.20 05:42:06 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012.08.20 05:41:58 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012.08.20 05:41:55 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012.08.20 05:38:10 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.08.20 05:38:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012.08.20 05:38:03 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.08.20 05:33:31 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.09.08 12:42:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.04.21 06:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.27 05:57:42 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.14 17:32:01 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.14 17:43:44 | 002,552,176 | ---- | M] (O&O Software GmbH) [Auto | Running] -- D:\Programy\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2012.08.01 15:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 16:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.09.11 20:38:12 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.28 11:32:17 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.27 08:33:03 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.06.27 14:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 16:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 16:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.06.24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.05.28 09:25:00 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.26 18:27:48 | 000,030,312 | ---- | M] (CaptainFlint Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.06.17 16:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.15 04:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.04.21 08:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.21 05:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.02.03 09:05:44 | 000,113,280 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2010.01.27 10:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.08.23 16:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... 1845085360
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.searchya.com/?q={searchTerms ... 1845085360
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... 1845085360
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.searchya.com/?q={searchTerms ... 1845085360
IE - HKLM\..\SearchScopes\{23BD1C8C-FB9B-56C0-E935-7F5F87511A70}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?affID=112250 ... ae1d9ea53d
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.searchya.com/?q={searchTerms ... 1845085360
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes\{23BD1C8C-FB9B-56C0-E935-7F5F87511A70}: "URL" = http://search.babylon.com/?q={searchTer ... ae1d9ea53d
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.orbitdownloader.com"
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss ... abTrack&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: d:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tibor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tibor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 05:57:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 05:55:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 05:57:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 05:55:58 | 000,000,000 | ---D | M]
[2012.07.27 08:47:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Extensions
[2012.10.25 12:44:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions
[2012.09.18 05:41:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.10.25 12:44:16 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\anttoolbar@ant.com
[2012.10.20 17:21:37 | 000,221,098 | ---- | M] () (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.07.27 21:25:59 | 000,005,903 | ---- | M] () (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\rpnetdownloadhelper@gmail.com.xpi
[2012.09.12 04:43:31 | 000,002,337 | ---- | M] () -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\searchplugins\Search.xml
[2012.10.27 05:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.27 05:57:47 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.27 21:13:27 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.07.14 03:30:04 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.07.14 03:30:04 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.07.14 03:30:05 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.07.14 03:30:05 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.07.14 03:30:05 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... utf-8&aq=t
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms},
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Tibor\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: New Tab = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\5.0_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Speed Dial = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.1_0\
CHR - Extension: XV \u2014 XML Viewer = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeocglpgjdpaefaedpblffpeebgmgddk\1.0.10_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: XML Tree = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb\1.9.2.1_0\
CHR - Extension: Clickable Links = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp\1.1.6_0\
CHR - Extension: Kontrola e-mailu Google = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Feedly = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\11.0.456_0\
CHR - Extension: Checker Plus for Gmail\u2122 = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\10.7_0\
CHR - Extension: Gmail = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OODefragTray] D:\Programy\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46166A9B-ADE0-448C-B0BD-6AD57318244B}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell - "" = AutoRun
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.10.30 14:27:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tibor\Desktop\OTL.exe
[2012.10.30 06:03:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.29 14:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.29 14:35:16 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.27 13:16:07 | 000,000,000 | ---D | C] -- C:\Users\Tibor\Documents\VertrigoServ Backup Files
[2012.10.27 05:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.25 19:14:15 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Local\DeSTRoi
[2012.10.20 17:16:03 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\ProgSense
[2012.10.20 17:15:57 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\GrabPro
[2012.10.20 17:15:57 | 000,000,000 | ---D | C] -- C:\downloads
[2012.10.20 17:15:04 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\Orbit
[2012.10.20 17:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012.10.20 14:13:36 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.10.20 14:13:36 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.10.20 14:13:36 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.10.16 10:11:54 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\HateML
[2012.10.13 10:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VertrigoServ
[2012.10.11 08:52:40 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.11 08:52:40 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.11 08:52:25 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.11 08:52:24 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.11 08:52:24 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.11 08:52:20 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.11 08:52:09 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.11 08:52:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.11 08:52:09 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.11 08:52:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.11 08:52:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.11 08:52:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.11 08:52:07 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.11 08:52:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.11 08:52:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.11 08:52:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.11 08:52:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.11 08:52:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.11 08:52:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.11 08:52:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.11 08:52:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.11 08:52:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.11 08:52:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.11 08:52:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.11 08:52:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.11 08:52:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.11 08:52:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.11 08:52:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.11 08:52:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.11 08:52:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.08 18:07:11 | 000,472,576 | ---- | C] (Microsoft) -- C:\Windows\AutoKMS.exe
[2012.10.06 08:14:12 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.10.06 08:14:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.10.06 08:14:12 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.10.06 08:14:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.10.06 08:14:10 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.10.06 08:14:10 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.10.06 08:05:55 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.10.06 08:05:55 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.10.06 08:05:55 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.10.06 08:05:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.10.06 08:05:54 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.10.06 08:05:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.10.06 08:05:52 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.10.06 08:05:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.10.06 08:05:51 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.10.06 08:05:51 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.10.06 08:05:50 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.10.06 08:05:50 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.10.06 08:05:48 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.10.06 08:05:48 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.10.06 08:05:47 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.10.06 08:05:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.10.06 08:05:45 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.10.06 08:05:45 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.10.06 08:05:45 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.10.06 08:05:45 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.10.06 08:05:44 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.10.06 08:05:44 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.10.06 08:05:43 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.10.06 08:05:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.10.06 08:05:41 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.10.06 08:05:41 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.10.06 08:05:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.10.06 08:05:39 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.10.06 08:05:38 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012.10.06 08:05:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012.10.06 08:05:36 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.10.06 08:05:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.10.06 08:05:34 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012.10.06 08:05:34 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012.10.06 08:05:33 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.10.06 08:05:33 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.10.06 08:05:32 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012.10.06 08:05:32 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.10.06 08:05:30 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.10.06 08:05:30 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.10.06 08:05:30 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.10.06 08:05:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.10.06 08:05:28 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.10.06 08:05:28 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.10.06 08:05:26 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.10.06 08:05:26 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.10.06 08:05:26 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.10.06 08:05:26 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.10.06 08:05:25 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.10.06 08:05:25 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.10.06 08:05:23 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.10.06 08:05:23 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.10.06 08:05:17 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.10.06 08:05:17 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.10.06 08:05:17 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.10.06 08:05:17 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.10.06 08:05:16 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.10.06 08:05:16 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.10.06 08:05:15 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.10.06 08:05:15 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.10.06 08:05:14 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.10.06 08:05:14 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.10.06 08:05:14 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.10.06 08:05:14 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.10.06 08:05:13 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.10.06 08:05:13 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.10.06 08:05:13 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.10.06 08:05:13 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.10.06 08:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.10.06 08:05:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.10.06 08:05:12 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.10.06 08:05:12 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.10.06 08:05:11 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.10.06 08:05:11 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.10.06 08:05:11 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.10.06 08:05:11 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.10.06 08:05:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.10.06 08:05:10 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.10.06 08:05:10 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.10.06 08:05:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.10.06 08:05:09 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.10.06 08:05:09 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.10.06 08:05:09 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.10.06 08:05:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.10.06 08:05:07 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.10.06 08:05:07 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.10.06 08:05:06 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.10.06 08:05:06 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.10.06 08:05:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.10.06 08:05:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.10.06 08:05:05 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.10.06 08:05:05 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.10.06 08:05:04 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.10.06 08:05:04 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.10.06 08:05:04 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.10.06 08:05:04 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.10.06 08:05:03 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.10.06 08:05:03 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.10.06 08:05:03 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.10.06 08:05:03 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.10.06 08:05:00 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.10.06 08:05:00 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.10.06 08:05:00 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.10.06 08:05:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.10.06 08:04:59 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.10.06 08:04:59 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.10.06 08:04:58 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.10.06 08:04:58 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.10.06 08:04:58 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.10.06 08:04:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.10.06 08:04:58 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.10.06 08:04:58 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.10.06 08:04:57 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.10.06 08:04:57 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.10.06 08:04:56 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.10.06 08:04:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.10.06 08:04:56 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.10.06 08:04:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.10.06 08:04:55 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.10.06 08:04:55 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.10.06 08:04:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.10.06 08:04:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.10.06 08:04:54 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.10.06 08:04:54 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.10.06 08:04:54 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012.10.06 08:04:54 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.10.06 08:04:53 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.10.06 08:04:53 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.10.06 08:04:52 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.10.06 08:04:52 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.10.06 08:04:52 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.10.06 08:04:52 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.10.06 08:04:52 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.10.06 08:04:52 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.10.06 08:04:51 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.10.06 08:04:51 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.10.06 08:04:50 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.10.06 08:04:50 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.10.06 08:04:49 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.10.06 08:04:49 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.10.06 08:04:49 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.10.06 08:04:49 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.10.06 08:04:48 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.10.06 08:04:48 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.10.06 08:04:48 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.10.06 08:04:48 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.10.06 08:04:47 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.10.06 08:04:47 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.10.06 08:04:46 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.10.06 08:04:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.10.06 08:04:46 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.10.06 08:04:46 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.10.06 08:04:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.10.06 08:04:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.10.06 08:02:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.10.06 07:57:59 | 000,000,000 | ---D | C] -- C:\Users\Tibor\Documents\PhoenixRC
[2012.10.06 07:55:13 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.10.06 07:55:13 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.10.06 07:55:11 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.10.06 07:55:11 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.10.06 07:54:59 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012.10.06 07:54:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012.10.06 07:54:57 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.10.06 07:54:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.10.06 07:54:57 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.10.06 07:54:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.10.06 07:54:55 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.10.06 07:54:55 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.10.06 07:54:54 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.10.06 07:54:54 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.10.06 07:54:52 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.10.06 07:54:52 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.10.06 07:54:50 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.10.06 07:54:50 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.10.06 07:54:49 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.10.06 07:54:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.10.06 07:54:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.10.06 07:54:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.10.06 07:54:01 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhoenixRC
[2012.10.01 09:50:48 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\HD Video Converter
========== Files - Modified Within 30 Days ==========
[2012.10.30 14:34:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.30 14:31:45 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.30 14:31:45 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.30 14:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.30 14:27:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tibor\Desktop\OTL.exe
[2012.10.30 14:26:18 | 000,000,984 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.10.30 14:23:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.30 14:23:34 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.30 14:23:33 | 000,163,328 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2012.10.30 14:05:05 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000UA.job
[2012.10.30 11:39:05 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.30 11:39:05 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.10.30 11:39:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.30 11:39:05 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.10.30 11:39:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.30 06:50:06 | 004,959,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.29 17:05:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000Core.job
[2012.10.29 14:09:20 | 000,007,601 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Resmon.ResmonCfg
[2012.10.21 21:01:36 | 000,000,739 | ---- | M] () -- C:\Users\Tibor\AppData\Roaming\DriveCalculator Preferences
[2012.10.20 17:04:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Flash Media Encoder.lnk
[2012.10.15 17:51:50 | 000,000,978 | ---- | M] () -- C:\Users\Tibor\Desktop\PSPad – zástupce.lnk
[2012.10.14 17:32:00 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.14 17:31:59 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.09 18:28:45 | 000,472,576 | ---- | M] (Microsoft) -- C:\Windows\AutoKMS.exe
[2012.10.06 07:58:15 | 000,000,606 | ---- | M] () -- C:\Users\Tibor\Desktop\PhoenixRC.lnk
[2012.10.01 09:50:44 | 000,000,062 | ---- | M] () -- C:\Windows\support.url
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tibor\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,75 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 61,75% Memory free
7,49 Gb Paging File | 5,82 Gb Available in Paging File | 77,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,95 Gb Total Space | 10,85 Gb Free Space | 27,85% Space Free | Partition Type: NTFS
Drive D: | 426,70 Gb Total Space | 43,70 Gb Free Space | 10,24% Space Free | Partition Type: NTFS
Computer Name: TIBOR-PC | User Name: Tibor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.30 14:27:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tibor\Desktop\OTL.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012.03.01 22:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012.10.10 11:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012.10.10 11:06:13 | 012,435,992 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012.10.10 11:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012.10.10 11:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012.10.10 11:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012.10.10 11:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012.10.10 11:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012.10.10 11:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012.08.20 05:54:40 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
MOD - [2012.08.20 05:51:57 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012.08.20 05:42:09 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012.08.20 05:42:06 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012.08.20 05:41:58 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012.08.20 05:41:55 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012.08.20 05:38:10 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.08.20 05:38:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012.08.20 05:38:03 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.08.20 05:33:31 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.09.08 12:42:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.04.21 06:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.27 05:57:42 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.14 17:32:01 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.14 17:43:44 | 002,552,176 | ---- | M] (O&O Software GmbH) [Auto | Running] -- D:\Programy\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2012.08.01 15:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 16:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.09.11 20:38:12 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.28 11:32:17 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.27 08:33:03 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.06.27 14:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 16:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 16:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.06.24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.05.28 09:25:00 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.26 18:27:48 | 000,030,312 | ---- | M] (CaptainFlint Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.06.17 16:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.15 04:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.04.21 08:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.21 05:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.02.03 09:05:44 | 000,113,280 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2010.01.27 10:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.08.23 16:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... 1845085360
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.searchya.com/?q={searchTerms ... 1845085360
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... 1845085360
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.searchya.com/?q={searchTerms ... 1845085360
IE - HKLM\..\SearchScopes\{23BD1C8C-FB9B-56C0-E935-7F5F87511A70}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?affID=112250 ... ae1d9ea53d
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.searchya.com/?q={searchTerms ... 1845085360
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\..\SearchScopes\{23BD1C8C-FB9B-56C0-E935-7F5F87511A70}: "URL" = http://search.babylon.com/?q={searchTer ... ae1d9ea53d
IE - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.orbitdownloader.com"
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss ... abTrack&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: d:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tibor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tibor\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 05:57:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 05:55:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 05:57:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 05:55:58 | 000,000,000 | ---D | M]
[2012.07.27 08:47:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Extensions
[2012.10.25 12:44:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions
[2012.09.18 05:41:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.10.25 12:44:16 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\anttoolbar@ant.com
[2012.10.20 17:21:37 | 000,221,098 | ---- | M] () (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.07.27 21:25:59 | 000,005,903 | ---- | M] () (No name found) -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\extensions\rpnetdownloadhelper@gmail.com.xpi
[2012.09.12 04:43:31 | 000,002,337 | ---- | M] () -- C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\qylei70j.default\searchplugins\Search.xml
[2012.10.27 05:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.27 05:57:47 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.27 21:13:27 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.07.14 03:30:04 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.07.14 03:30:04 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.07.14 03:30:05 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.07.14 03:30:05 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.07.14 03:30:05 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... utf-8&aq=t
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms},
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tibor\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Tibor\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: New Tab = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\5.0_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Speed Dial = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.1_0\
CHR - Extension: XV \u2014 XML Viewer = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeocglpgjdpaefaedpblffpeebgmgddk\1.0.10_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: XML Tree = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb\1.9.2.1_0\
CHR - Extension: Clickable Links = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp\1.1.6_0\
CHR - Extension: Kontrola e-mailu Google = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Feedly = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\11.0.456_0\
CHR - Extension: Checker Plus for Gmail\u2122 = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\10.7_0\
CHR - Extension: Gmail = C:\Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OODefragTray] D:\Programy\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2876282606-4237110239-2556333555-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46166A9B-ADE0-448C-B0BD-6AD57318244B}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell - "" = AutoRun
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{ba9b558a-d89e-11e1-8d0c-88ae1d9ea53d}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.10.30 14:27:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tibor\Desktop\OTL.exe
[2012.10.30 06:03:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.29 14:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.29 14:35:16 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.27 13:16:07 | 000,000,000 | ---D | C] -- C:\Users\Tibor\Documents\VertrigoServ Backup Files
[2012.10.27 05:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.25 19:14:15 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Local\DeSTRoi
[2012.10.20 17:16:03 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\ProgSense
[2012.10.20 17:15:57 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\GrabPro
[2012.10.20 17:15:57 | 000,000,000 | ---D | C] -- C:\downloads
[2012.10.20 17:15:04 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\Orbit
[2012.10.20 17:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012.10.20 14:13:36 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.10.20 14:13:36 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.10.20 14:13:36 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.10.16 10:11:54 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\HateML
[2012.10.13 10:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VertrigoServ
[2012.10.11 08:52:40 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.11 08:52:40 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.11 08:52:25 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.11 08:52:24 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.11 08:52:24 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.11 08:52:20 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.11 08:52:09 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.11 08:52:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.11 08:52:09 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.11 08:52:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.11 08:52:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.11 08:52:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.11 08:52:07 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.11 08:52:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.11 08:52:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.11 08:52:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.11 08:52:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.11 08:52:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.11 08:52:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.11 08:52:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.11 08:52:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.11 08:52:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.11 08:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.11 08:52:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.11 08:52:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.11 08:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.11 08:52:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.11 08:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.11 08:52:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.11 08:52:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.11 08:52:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.11 08:52:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.11 08:52:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.11 08:52:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.11 08:52:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.08 18:07:11 | 000,472,576 | ---- | C] (Microsoft) -- C:\Windows\AutoKMS.exe
[2012.10.06 08:14:12 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.10.06 08:14:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.10.06 08:14:12 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.10.06 08:14:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.10.06 08:14:10 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.10.06 08:14:10 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.10.06 08:05:55 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.10.06 08:05:55 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.10.06 08:05:55 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.10.06 08:05:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.10.06 08:05:54 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.10.06 08:05:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.10.06 08:05:52 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.10.06 08:05:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.10.06 08:05:51 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.10.06 08:05:51 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.10.06 08:05:50 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.10.06 08:05:50 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.10.06 08:05:48 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.10.06 08:05:48 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.10.06 08:05:47 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.10.06 08:05:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.10.06 08:05:45 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.10.06 08:05:45 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.10.06 08:05:45 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.10.06 08:05:45 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.10.06 08:05:44 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.10.06 08:05:44 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.10.06 08:05:43 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.10.06 08:05:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.10.06 08:05:41 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.10.06 08:05:41 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.10.06 08:05:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.10.06 08:05:39 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.10.06 08:05:38 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012.10.06 08:05:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012.10.06 08:05:36 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.10.06 08:05:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.10.06 08:05:34 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012.10.06 08:05:34 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012.10.06 08:05:33 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.10.06 08:05:33 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.10.06 08:05:32 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012.10.06 08:05:32 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.10.06 08:05:30 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.10.06 08:05:30 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.10.06 08:05:30 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.10.06 08:05:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.10.06 08:05:28 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.10.06 08:05:28 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.10.06 08:05:26 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.10.06 08:05:26 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.10.06 08:05:26 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.10.06 08:05:26 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.10.06 08:05:25 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.10.06 08:05:25 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.10.06 08:05:23 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.10.06 08:05:23 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.10.06 08:05:17 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.10.06 08:05:17 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.10.06 08:05:17 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.10.06 08:05:17 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.10.06 08:05:16 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.10.06 08:05:16 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.10.06 08:05:15 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.10.06 08:05:15 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.10.06 08:05:14 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.10.06 08:05:14 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.10.06 08:05:14 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.10.06 08:05:14 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.10.06 08:05:13 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.10.06 08:05:13 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.10.06 08:05:13 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.10.06 08:05:13 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.10.06 08:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.10.06 08:05:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.10.06 08:05:12 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.10.06 08:05:12 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.10.06 08:05:11 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.10.06 08:05:11 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.10.06 08:05:11 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.10.06 08:05:11 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.10.06 08:05:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.10.06 08:05:10 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.10.06 08:05:10 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.10.06 08:05:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.10.06 08:05:09 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.10.06 08:05:09 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.10.06 08:05:09 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.10.06 08:05:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.10.06 08:05:07 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.10.06 08:05:07 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.10.06 08:05:06 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.10.06 08:05:06 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.10.06 08:05:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.10.06 08:05:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.10.06 08:05:05 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.10.06 08:05:05 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.10.06 08:05:04 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.10.06 08:05:04 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.10.06 08:05:04 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.10.06 08:05:04 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.10.06 08:05:03 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.10.06 08:05:03 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.10.06 08:05:03 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.10.06 08:05:03 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.10.06 08:05:00 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.10.06 08:05:00 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.10.06 08:05:00 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.10.06 08:05:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.10.06 08:04:59 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.10.06 08:04:59 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.10.06 08:04:58 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.10.06 08:04:58 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.10.06 08:04:58 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.10.06 08:04:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.10.06 08:04:58 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.10.06 08:04:58 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.10.06 08:04:57 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.10.06 08:04:57 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.10.06 08:04:56 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.10.06 08:04:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.10.06 08:04:56 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.10.06 08:04:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.10.06 08:04:55 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.10.06 08:04:55 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.10.06 08:04:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.10.06 08:04:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.10.06 08:04:54 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.10.06 08:04:54 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.10.06 08:04:54 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012.10.06 08:04:54 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.10.06 08:04:53 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.10.06 08:04:53 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.10.06 08:04:52 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.10.06 08:04:52 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.10.06 08:04:52 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.10.06 08:04:52 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.10.06 08:04:52 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.10.06 08:04:52 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.10.06 08:04:51 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.10.06 08:04:51 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.10.06 08:04:50 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.10.06 08:04:50 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.10.06 08:04:49 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.10.06 08:04:49 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.10.06 08:04:49 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.10.06 08:04:49 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.10.06 08:04:48 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.10.06 08:04:48 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.10.06 08:04:48 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.10.06 08:04:48 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.10.06 08:04:47 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.10.06 08:04:47 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.10.06 08:04:46 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.10.06 08:04:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.10.06 08:04:46 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.10.06 08:04:46 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.10.06 08:04:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.10.06 08:04:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.10.06 08:02:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.10.06 07:57:59 | 000,000,000 | ---D | C] -- C:\Users\Tibor\Documents\PhoenixRC
[2012.10.06 07:55:13 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.10.06 07:55:13 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.10.06 07:55:11 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.10.06 07:55:11 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.10.06 07:54:59 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012.10.06 07:54:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012.10.06 07:54:57 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.10.06 07:54:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.10.06 07:54:57 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.10.06 07:54:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.10.06 07:54:55 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.10.06 07:54:55 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.10.06 07:54:54 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.10.06 07:54:54 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.10.06 07:54:52 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.10.06 07:54:52 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.10.06 07:54:50 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.10.06 07:54:50 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.10.06 07:54:49 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.10.06 07:54:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.10.06 07:54:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.10.06 07:54:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.10.06 07:54:01 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhoenixRC
[2012.10.01 09:50:48 | 000,000,000 | ---D | C] -- C:\Users\Tibor\AppData\Roaming\HD Video Converter
========== Files - Modified Within 30 Days ==========
[2012.10.30 14:34:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.30 14:31:45 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.30 14:31:45 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.30 14:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.30 14:27:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tibor\Desktop\OTL.exe
[2012.10.30 14:26:18 | 000,000,984 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.10.30 14:23:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.30 14:23:34 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.30 14:23:33 | 000,163,328 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2012.10.30 14:05:05 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000UA.job
[2012.10.30 11:39:05 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.30 11:39:05 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.10.30 11:39:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.30 11:39:05 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.10.30 11:39:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.30 06:50:06 | 004,959,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.29 17:05:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000Core.job
[2012.10.29 14:09:20 | 000,007,601 | ---- | M] () -- C:\Users\Tibor\AppData\Local\Resmon.ResmonCfg
[2012.10.21 21:01:36 | 000,000,739 | ---- | M] () -- C:\Users\Tibor\AppData\Roaming\DriveCalculator Preferences
[2012.10.20 17:04:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Flash Media Encoder.lnk
[2012.10.15 17:51:50 | 000,000,978 | ---- | M] () -- C:\Users\Tibor\Desktop\PSPad – zástupce.lnk
[2012.10.14 17:32:00 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.14 17:31:59 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.09 18:28:45 | 000,472,576 | ---- | M] (Microsoft) -- C:\Windows\AutoKMS.exe
[2012.10.06 07:58:15 | 000,000,606 | ---- | M] () -- C:\Users\Tibor\Desktop\PhoenixRC.lnk
[2012.10.01 09:50:44 | 000,000,062 | ---- | M] () -- C:\Windows\support.url
Re: Prosím o kontrolu, děkuji.
========== Files Created - No Company Name ==========
[2012.10.30 14:34:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.29 14:09:20 | 000,007,601 | ---- | C] () -- C:\Users\Tibor\AppData\Local\Resmon.ResmonCfg
[2012.10.27 06:18:54 | 000,000,775 | ---- | C] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
[2012.10.20 17:04:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Flash Media Encoder.lnk
[2012.10.15 17:51:57 | 000,000,978 | ---- | C] () -- C:\Users\Tibor\Desktop\PSPad – zástupce.lnk
[2012.10.14 17:06:45 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.12 13:51:41 | 000,001,256 | ---- | C] () -- C:\Users\Tibor\Desktop\TotalMedia – zástupce.lnk
[2012.10.06 07:54:01 | 000,000,606 | ---- | C] () -- C:\Users\Tibor\Desktop\PhoenixRC.lnk
[2012.10.01 09:50:44 | 000,000,062 | ---- | C] () -- C:\Windows\support.url
[2012.09.11 20:38:04 | 000,384,835 | ---- | C] () -- C:\Users\Tibor\AppData\Local\speeddial.crx
[2012.09.05 15:47:38 | 000,917,504 | ---- | C] () -- C:\Windows\SysWow64\dtsdecoderdll.dll
[2012.09.05 15:47:37 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012.08.11 06:48:45 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.10 21:37:36 | 000,005,632 | ---- | C] () -- C:\Users\Tibor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.30 16:23:26 | 000,000,739 | ---- | C] () -- C:\Users\Tibor\AppData\Roaming\DriveCalculator Preferences
[2012.07.28 12:27:07 | 000,001,057 | ---- | C] () -- C:\Users\Tibor\AppData\Roaming\vso_ts_preview.xml
[2012.07.27 09:59:25 | 000,000,032 | ---- | C] () -- C:\Users\Tibor\.deskmetrics
[2012.07.27 08:49:29 | 001,471,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.27 08:38:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.27 08:38:00 | 000,000,600 | ---- | C] () -- C:\Users\Tibor\winscp.RND
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.08.09 13:06:05 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AIMP3
[2012.07.27 09:43:27 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AnvSoft
[2012.07.27 09:51:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Ashampoo
[2012.07.27 09:53:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\avidemux
[2012.07.27 21:12:02 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Babylon
[2012.08.11 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Canon
[2012.10.29 14:26:33 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DAEMON Tools Lite
[2012.08.24 21:03:00 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Datel
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DevProf
[2012.08.20 17:07:58 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ExtremeCopy
[2012.07.28 12:10:59 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\FileZilla
[2012.08.29 08:55:23 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\foobar2000
[2012.10.20 17:15:57 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\GrabPro
[2012.10.16 10:12:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HateML
[2012.09.13 10:13:41 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Tune Pro
[2012.10.01 09:53:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Video Converter
[2012.09.17 23:01:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HEXelon
[2012.08.08 18:11:32 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\KastorVideoConverter
[2012.08.26 11:03:04 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Nokia
[2012.07.27 08:45:48 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Opera
[2012.10.21 12:33:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Orbit
[2012.08.26 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\PC Suite
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Profili
[2012.10.20 17:16:03 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ProgSense
[2012.08.12 22:01:24 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Samsung
[2012.07.27 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\URSoft
[2012.09.03 09:39:29 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Vso
[2012.07.28 12:28:09 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Winff
[2012.09.18 13:46:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,530 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.27 08:48:43 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000Core.job
[2012.07.27 08:48:44 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000UA.job
[2012.07.27 21:29:07 | 000,000,984 | ---- | C] () -- C:\Windows\Tasks\Google Software Updater.job
[2012.10.14 17:06:45 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.10.20 17:04:49 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Adobe
[2012.08.09 13:06:05 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AIMP3
[2012.07.27 09:43:27 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AnvSoft
[2012.07.28 19:44:42 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ArcSoft
[2012.07.27 09:51:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Ashampoo
[2012.07.27 08:34:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ATI
[2012.07.27 09:53:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\avidemux
[2012.07.27 21:12:02 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Babylon
[2012.08.11 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Canon
[2012.10.29 14:26:33 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DAEMON Tools Lite
[2012.08.24 21:03:00 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Datel
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DevProf
[2012.09.03 09:15:04 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DivX
[2012.09.15 07:49:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\dvdcss
[2012.08.20 17:07:58 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ExtremeCopy
[2012.07.28 12:10:59 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\FileZilla
[2012.08.29 08:55:23 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\foobar2000
[2012.10.20 17:15:57 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\GrabPro
[2012.10.16 10:12:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HateML
[2012.09.13 10:13:41 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Tune Pro
[2012.10.01 09:53:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Video Converter
[2012.09.17 23:01:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HEXelon
[2012.07.27 08:27:11 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Identities
[2012.07.27 08:33:05 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\InstallShield
[2012.08.08 18:11:32 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\KastorVideoConverter
[2012.07.27 08:50:47 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Macromedia
[2010.11.21 10:38:16 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Media Center Programs
[2012.10.09 18:40:30 | 000,000,000 | --SD | M] -- C:\Users\Tibor\AppData\Roaming\Microsoft
[2012.09.02 09:24:03 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Mozilla
[2012.08.26 11:03:04 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Nokia
[2012.07.27 08:45:48 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Opera
[2012.10.21 12:33:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Orbit
[2012.08.26 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\PC Suite
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Profili
[2012.10.20 17:16:03 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ProgSense
[2012.08.12 22:01:24 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Samsung
[2012.07.27 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\URSoft
[2012.10.27 14:51:01 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\vlc
[2012.09.03 09:39:29 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Vso
[2012.07.28 12:28:09 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Winff
[2012.07.28 12:28:23 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\WinRAR
[2012.09.18 13:46:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2012.10.06 07:58:15 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{00B57982-57F9-47F8-B0CA-341DFAE7787F}\ARPPRODUCTICON.exe
[2012.10.06 08:06:07 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{12F865ED-8D74-427A-8F73-8687D37E9C5D}\ARPPRODUCTICON.exe
[2012.10.06 08:06:07 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{12F865ED-8D74-427A-8F73-8687D37E9C5D}\NewShortcut1_D82E1A21FF374417B3E68D61F803C35D.exe
[2012.10.06 08:06:07 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{12F865ED-8D74-427A-8F73-8687D37E9C5D}\NewShortcut2_B81EF528E6964545A57DCFB2387636B2.exe
[2012.10.17 19:32:56 | 000,045,056 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{22B3A0A2-F650-44E8-AE28-00D20C4B6C1D}\ARPPRODUCTICON.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_124305e.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_154754de.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_39b32d12.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_428b26a6.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_440d491c.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_4d064db7.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_644366bb.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_74d4dc8.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_7e87390c.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_f3e99.exe
[2012.10.06 08:11:38 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{AF80D8A3-CCEC-4CC2-BE6C-3E8512286993}\ARPPRODUCTICON.exe
[2012.10.06 08:11:38 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{AF80D8A3-CCEC-4CC2-BE6C-3E8512286993}\NewShortcut1_109A2A71E4394D28A5ACD8F8321BB21B.exe
[2012.10.06 07:59:52 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{B42A024D-DD54-4AFB-BC40-D81C538E516B}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.10.30 14:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.30 14:26:18 | 000,000,984 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2012.10.29 17:05:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000Core.job
[2012.10.30 14:05:05 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
< *keygen* /s >
[2010.07.11 01:53:54 | 000,077,824 | ---- | M] () -- \ProgramData\AutoKMS\Resources\KMSKG\Keygen.exe
[2010.07.11 01:53:54 | 000,077,824 | ---- | M] () -- \Users\All Users\AutoKMS\Resources\KMSKG\Keygen.exe
< *loader* /s >
[2011.11.07 12:00:00 | 000,058,854 | ---- | M] () -- \d\Skins\Default\images\Main window - Windows XP emergency bootloader - Loader logo.bmp
[2011.11.07 12:00:00 | 000,058,854 | ---- | M] () -- \d\Skins\Default\images\Main window - Windows XP recovery console - Loader logo.bmp
[2012.02.22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012.05.28 03:08:10 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012.10.07 08:41:39 | 000,001,737 | ---- | M] () -- \Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\10.7_0\img\ajax-loader.gif
[2012.10.20 17:16:07 | 000,000,706 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.orbitdownloader.com%2Ffavicon.png
[2012.10.20 17:16:07 | 000,000,098 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\www.orbitdownloader.com.idx
[2012.10.20 17:17:17 | 000,022,486 | ---- | M] () -- \Users\Tibor\AppData\Roaming\Orbit\icon\Orbit Downloader.ico
[2012.10.30 14:29:01 | 000,022,536 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-AD4FC691.pf
[2009.07.14 14:25:34 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 10:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 10:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 10:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 10:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 10:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.07.27 21:14:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.07.27 21:14:34 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.07.27 21:14:37 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.07.27 21:14:37 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.07.27 21:14:39 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 10:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \ProgramData\AutoKMS\AutoKMS.cmd
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \Users\All Users\AutoKMS\AutoKMS.cmd
[2012.10.09 18:28:45 | 000,472,576 | ---- | M] () -- \Windows\AutoKMS.exe
[2012.10.30 14:25:12 | 000,001,228 | ---- | M] () -- \Windows\AutoKMS.log
< *activator* /s >
[2011.12.22 16:41:52 | 000,105,661 | ---- | M] () -- \d\Windows XP Activator Geniune[SP1,SP2,SP3 100% WORKS].rar
[2011.12.22 16:39:09 | 000,000,803 | ---- | M] () -- \d\Windows_XP_Activator_Geniune[SP1_SP2_SP3_S].5849727.TPB.torrent
[2010.07.01 13:41:40 | 000,333,312 | ---- | M] () -- \d\Windows XP Activator\WINDOWS XP ACTIVATOR.exe
< *serial* /s >
[2012.04.11 00:15:28 | 000,434,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.07.27 21:43:33 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.04.11 03:37:58 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.07.27 21:44:16 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.07.27 14:21:30 | 000,000,286 | ---- | M] () -- \Users\Tibor\AppData\Local\Microsoft\Windows Sidebar\Gadgets\tvprogram.gadget\images\iconSerial.png
[2012.10.13 07:34:06 | 000,000,363 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2012.09.24 14:43:35 | 000,000,581 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2012.10.13 07:34:06 | 000,000,073 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\serialy.kinotip.cz.idx
[2012.09.24 14:43:35 | 000,000,071 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\www.serialzone.cz.idx
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.08.20 05:46:08 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 05:46:35 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012.08.20 08:01:35 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
[2012.08.20 07:40:59 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 05:51:58 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 05:51:51 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
[2012.08.17 16:09:34 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.17 16:09:28 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.08.20 05:54:52 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
[2012.08.20 18:06:54 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 18:06:38 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
[2012.08.21 07:55:27 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
[2012.08.20 05:41:24 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.08.20 05:41:23 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.08.20 05:41:28 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:04 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 10:27:01 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.11.21 10:27:01 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.21 10:27:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 10:27:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.21 10:27:07 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.07.27 21:14:39 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.07.27 21:14:40 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010.11.21 10:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.11.21 10:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2010.11.21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2010.11.21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2010.11.21 10:26:35 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2010.11.21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2010.11.21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 10:27:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 174 bytes -> C:\ProgramData\TEMP:1CE11B51
< End of report >
[2012.10.30 14:34:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.29 14:09:20 | 000,007,601 | ---- | C] () -- C:\Users\Tibor\AppData\Local\Resmon.ResmonCfg
[2012.10.27 06:18:54 | 000,000,775 | ---- | C] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
[2012.10.20 17:04:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Flash Media Encoder.lnk
[2012.10.15 17:51:57 | 000,000,978 | ---- | C] () -- C:\Users\Tibor\Desktop\PSPad – zástupce.lnk
[2012.10.14 17:06:45 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.12 13:51:41 | 000,001,256 | ---- | C] () -- C:\Users\Tibor\Desktop\TotalMedia – zástupce.lnk
[2012.10.06 07:54:01 | 000,000,606 | ---- | C] () -- C:\Users\Tibor\Desktop\PhoenixRC.lnk
[2012.10.01 09:50:44 | 000,000,062 | ---- | C] () -- C:\Windows\support.url
[2012.09.11 20:38:04 | 000,384,835 | ---- | C] () -- C:\Users\Tibor\AppData\Local\speeddial.crx
[2012.09.05 15:47:38 | 000,917,504 | ---- | C] () -- C:\Windows\SysWow64\dtsdecoderdll.dll
[2012.09.05 15:47:37 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012.08.11 06:48:45 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.10 21:37:36 | 000,005,632 | ---- | C] () -- C:\Users\Tibor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.30 16:23:26 | 000,000,739 | ---- | C] () -- C:\Users\Tibor\AppData\Roaming\DriveCalculator Preferences
[2012.07.28 12:27:07 | 000,001,057 | ---- | C] () -- C:\Users\Tibor\AppData\Roaming\vso_ts_preview.xml
[2012.07.27 09:59:25 | 000,000,032 | ---- | C] () -- C:\Users\Tibor\.deskmetrics
[2012.07.27 08:49:29 | 001,471,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.27 08:38:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.27 08:38:00 | 000,000,600 | ---- | C] () -- C:\Users\Tibor\winscp.RND
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.08.09 13:06:05 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AIMP3
[2012.07.27 09:43:27 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AnvSoft
[2012.07.27 09:51:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Ashampoo
[2012.07.27 09:53:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\avidemux
[2012.07.27 21:12:02 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Babylon
[2012.08.11 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Canon
[2012.10.29 14:26:33 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DAEMON Tools Lite
[2012.08.24 21:03:00 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Datel
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DevProf
[2012.08.20 17:07:58 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ExtremeCopy
[2012.07.28 12:10:59 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\FileZilla
[2012.08.29 08:55:23 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\foobar2000
[2012.10.20 17:15:57 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\GrabPro
[2012.10.16 10:12:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HateML
[2012.09.13 10:13:41 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Tune Pro
[2012.10.01 09:53:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Video Converter
[2012.09.17 23:01:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HEXelon
[2012.08.08 18:11:32 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\KastorVideoConverter
[2012.08.26 11:03:04 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Nokia
[2012.07.27 08:45:48 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Opera
[2012.10.21 12:33:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Orbit
[2012.08.26 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\PC Suite
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Profili
[2012.10.20 17:16:03 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ProgSense
[2012.08.12 22:01:24 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Samsung
[2012.07.27 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\URSoft
[2012.09.03 09:39:29 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Vso
[2012.07.28 12:28:09 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Winff
[2012.09.18 13:46:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,530 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.27 08:48:43 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000Core.job
[2012.07.27 08:48:44 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000UA.job
[2012.07.27 21:29:07 | 000,000,984 | ---- | C] () -- C:\Windows\Tasks\Google Software Updater.job
[2012.10.14 17:06:45 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.10.20 17:04:49 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Adobe
[2012.08.09 13:06:05 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AIMP3
[2012.07.27 09:43:27 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\AnvSoft
[2012.07.28 19:44:42 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ArcSoft
[2012.07.27 09:51:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Ashampoo
[2012.07.27 08:34:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ATI
[2012.07.27 09:53:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\avidemux
[2012.07.27 21:12:02 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Babylon
[2012.08.11 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Canon
[2012.10.29 14:26:33 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DAEMON Tools Lite
[2012.08.24 21:03:00 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Datel
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DevProf
[2012.09.03 09:15:04 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\DivX
[2012.09.15 07:49:46 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\dvdcss
[2012.08.20 17:07:58 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ExtremeCopy
[2012.07.28 12:10:59 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\FileZilla
[2012.08.29 08:55:23 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\foobar2000
[2012.10.20 17:15:57 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\GrabPro
[2012.10.16 10:12:06 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HateML
[2012.09.13 10:13:41 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Tune Pro
[2012.10.01 09:53:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HD Video Converter
[2012.09.17 23:01:34 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\HEXelon
[2012.07.27 08:27:11 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Identities
[2012.07.27 08:33:05 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\InstallShield
[2012.08.08 18:11:32 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\KastorVideoConverter
[2012.07.27 08:50:47 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Macromedia
[2010.11.21 10:38:16 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Media Center Programs
[2012.10.09 18:40:30 | 000,000,000 | --SD | M] -- C:\Users\Tibor\AppData\Roaming\Microsoft
[2012.09.02 09:24:03 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Mozilla
[2012.08.26 11:03:04 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Nokia
[2012.07.27 08:45:48 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Opera
[2012.10.21 12:33:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Orbit
[2012.08.26 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\PC Suite
[2012.07.28 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Profili
[2012.10.20 17:16:03 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\ProgSense
[2012.08.12 22:01:24 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Samsung
[2012.07.27 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\URSoft
[2012.10.27 14:51:01 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\vlc
[2012.09.03 09:39:29 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Vso
[2012.07.28 12:28:09 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Winff
[2012.07.28 12:28:23 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\WinRAR
[2012.09.18 13:46:50 | 000,000,000 | ---D | M] -- C:\Users\Tibor\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2012.10.06 07:58:15 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{00B57982-57F9-47F8-B0CA-341DFAE7787F}\ARPPRODUCTICON.exe
[2012.10.06 08:06:07 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{12F865ED-8D74-427A-8F73-8687D37E9C5D}\ARPPRODUCTICON.exe
[2012.10.06 08:06:07 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{12F865ED-8D74-427A-8F73-8687D37E9C5D}\NewShortcut1_D82E1A21FF374417B3E68D61F803C35D.exe
[2012.10.06 08:06:07 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{12F865ED-8D74-427A-8F73-8687D37E9C5D}\NewShortcut2_B81EF528E6964545A57DCFB2387636B2.exe
[2012.10.17 19:32:56 | 000,045,056 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{22B3A0A2-F650-44E8-AE28-00D20C4B6C1D}\ARPPRODUCTICON.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_124305e.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_154754de.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_39b32d12.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_428b26a6.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_440d491c.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_4d064db7.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_644366bb.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_74d4dc8.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_7e87390c.exe
[2012.10.06 07:54:01 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{86404000-52CF-41AE-9B2E-85892F7CB7D4}\_f3e99.exe
[2012.10.06 08:11:38 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{AF80D8A3-CCEC-4CC2-BE6C-3E8512286993}\ARPPRODUCTICON.exe
[2012.10.06 08:11:38 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{AF80D8A3-CCEC-4CC2-BE6C-3E8512286993}\NewShortcut1_109A2A71E4394D28A5ACD8F8321BB21B.exe
[2012.10.06 07:59:52 | 000,005,694 | R--- | M] () -- C:\Users\Tibor\AppData\Roaming\Microsoft\Installer\{B42A024D-DD54-4AFB-BC40-D81C538E516B}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.10.30 14:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.30 14:26:18 | 000,000,984 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2012.10.29 17:05:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000Core.job
[2012.10.30 14:05:05 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876282606-4237110239-2556333555-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
< *keygen* /s >
[2010.07.11 01:53:54 | 000,077,824 | ---- | M] () -- \ProgramData\AutoKMS\Resources\KMSKG\Keygen.exe
[2010.07.11 01:53:54 | 000,077,824 | ---- | M] () -- \Users\All Users\AutoKMS\Resources\KMSKG\Keygen.exe
< *loader* /s >
[2011.11.07 12:00:00 | 000,058,854 | ---- | M] () -- \d\Skins\Default\images\Main window - Windows XP emergency bootloader - Loader logo.bmp
[2011.11.07 12:00:00 | 000,058,854 | ---- | M] () -- \d\Skins\Default\images\Main window - Windows XP recovery console - Loader logo.bmp
[2012.02.22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012.05.28 03:08:10 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012.10.07 08:41:39 | 000,001,737 | ---- | M] () -- \Users\Tibor\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\10.7_0\img\ajax-loader.gif
[2012.10.20 17:16:07 | 000,000,706 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.orbitdownloader.com%2Ffavicon.png
[2012.10.20 17:16:07 | 000,000,098 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\www.orbitdownloader.com.idx
[2012.10.20 17:17:17 | 000,022,486 | ---- | M] () -- \Users\Tibor\AppData\Roaming\Orbit\icon\Orbit Downloader.ico
[2012.10.30 14:29:01 | 000,022,536 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-AD4FC691.pf
[2009.07.14 14:25:34 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 10:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 10:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 10:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 10:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 10:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.07.27 21:14:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.07.27 21:14:34 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.07.27 21:14:37 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.07.27 21:14:37 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.07.27 21:14:39 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 10:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \ProgramData\AutoKMS\AutoKMS.cmd
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \Users\All Users\AutoKMS\AutoKMS.cmd
[2012.10.09 18:28:45 | 000,472,576 | ---- | M] () -- \Windows\AutoKMS.exe
[2012.10.30 14:25:12 | 000,001,228 | ---- | M] () -- \Windows\AutoKMS.log
< *activator* /s >
[2011.12.22 16:41:52 | 000,105,661 | ---- | M] () -- \d\Windows XP Activator Geniune[SP1,SP2,SP3 100% WORKS].rar
[2011.12.22 16:39:09 | 000,000,803 | ---- | M] () -- \d\Windows_XP_Activator_Geniune[SP1_SP2_SP3_S].5849727.TPB.torrent
[2010.07.01 13:41:40 | 000,333,312 | ---- | M] () -- \d\Windows XP Activator\WINDOWS XP ACTIVATOR.exe
< *serial* /s >
[2012.04.11 00:15:28 | 000,434,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.07.27 21:43:33 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.04.11 03:37:58 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.07.27 21:44:16 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.07.27 14:21:30 | 000,000,286 | ---- | M] () -- \Users\Tibor\AppData\Local\Microsoft\Windows Sidebar\Gadgets\tvprogram.gadget\images\iconSerial.png
[2012.10.13 07:34:06 | 000,000,363 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2012.09.24 14:43:35 | 000,000,581 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2012.10.13 07:34:06 | 000,000,073 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\serialy.kinotip.cz.idx
[2012.09.24 14:43:35 | 000,000,071 | ---- | M] () -- \Users\Tibor\AppData\Local\Opera\Opera\icons\www.serialzone.cz.idx
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.08.20 05:46:08 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 05:46:35 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012.08.20 08:01:35 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
[2012.08.20 07:40:59 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 05:51:58 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 05:51:51 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
[2012.08.17 16:09:34 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.17 16:09:28 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.08.20 05:54:52 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
[2012.08.20 18:06:54 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.08.20 18:06:38 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
[2012.08.21 07:55:27 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
[2012.08.20 05:41:24 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.08.20 05:41:23 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.08.20 05:41:28 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:04 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 10:27:01 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.11.21 10:27:01 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.21 10:27:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 10:27:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.21 10:27:07 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.07.27 21:14:39 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.07.27 21:14:40 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010.11.21 10:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.11.21 10:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2010.11.21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2010.11.21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2010.11.21 10:26:35 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2010.11.21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2010.11.21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.21 10:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 10:27:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 10:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 174 bytes -> C:\ProgramData\TEMP:1CE11B51
< End of report >
Re: Prosím o kontrolu, děkuji.
OTL Extras logfile created on: 30.10.2012 14:30:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tibor\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,75 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 61,75% Memory free
7,49 Gb Paging File | 5,82 Gb Available in Paging File | 77,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,95 Gb Total Space | 10,85 Gb Free Space | 27,85% Space Free | Partition Type: NTFS
Drive D: | 426,70 Gb Total Space | 43,70 Gb Free Space | 10,24% Space Free | Partition Type: NTFS
Computer Name: TIBOR-PC | User Name: Tibor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1199821C-8BF2-425F-B292-DFC6C1AF476C}" = lport=137 | protocol=17 | dir=in | app=system |
"{12A66C87-7D56-4839-9F89-3F4549CA5B68}" = rport=139 | protocol=6 | dir=out | app=system |
"{1A7E314C-A2C1-43F7-9417-600EC311519C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AE9B921-8BFB-4B73-8BC7-0772DBF048CA}" = lport=138 | protocol=17 | dir=in | app=system |
"{2C11539C-D316-488D-A59D-2246A8F42A82}" = rport=137 | protocol=17 | dir=out | app=system |
"{4B17EC4B-3975-4157-913F-C7E96D0EDFE5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4FBFEA8C-C14F-434F-A654-734D7830C1AF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{60C7A02F-B042-43C9-80B1-73487923D1DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6137FF7C-FD2B-46CB-97B7-CEA934F20FB2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65B31B00-1D71-46FC-8CA0-161207005211}" = rport=138 | protocol=17 | dir=out | app=system |
"{6CDFA937-EF6F-44EA-9E70-FBFD3F7F761D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{801AF7E8-034D-409D-B96A-3E67ABBF3CEA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{93F4A5F7-38F9-4289-9FD1-1A914EC77F4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{97D19086-1B8C-4B39-B665-D733C8A765C2}" = lport=139 | protocol=6 | dir=in | app=system |
"{AAE029AE-5FCD-4DF1-B512-8267A7C2AC7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1F4DF68-EB55-4A11-B352-FC33296850DD}" = lport=80 | protocol=6 | dir=in | name=www |
"{BE9833E1-9F65-4C3E-A7FA-9A30F102E4DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BF7E2F35-F82F-44F1-824C-FF8F612CE2E6}" = lport=445 | protocol=6 | dir=in | app=system |
"{C524CDD9-6C04-4FFA-9C60-D68D7011D718}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E2F24FD2-4C16-41AE-94D2-A110692C6D8F}" = rport=445 | protocol=6 | dir=out | app=system |
"{E5062A51-D572-48C8-ACBA-4CF9C2CC48A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E7159BE7-5148-4A46-82E9-FF1601AB0AA3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021330D2-5EC0-42B5-BAD0-F10E3688ED40}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{04AFF880-F62D-450A-8FE8-A3BB1FFC2DC6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D3F0181-CF9A-4881-8FF1-ED77004AEA0C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{153841FE-9017-44CE-9DDA-6B03C7DE69EE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{16764893-6826-44F2-A862-3D60A5C4BD87}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{1822E041-B9CC-4A7D-B0F8-E22B2230F283}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{23263373-F7AB-4E10-8664-D14C1EE1989B}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{28F845DF-104B-4C63-B753-DEB5543CEC89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C6F296E-0021-4829-BF1D-B30798F6AEA7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2D03129D-AE44-4AEB-9434-31BB3B374B38}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2D8C61CB-3E5F-48FF-A9FD-119717BB6A9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3441FCBA-6CC4-4BCB-9CAC-175B891093A0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3F469605-B1E7-43F7-A5FC-39CC657B6874}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{68C27732-E3AA-4076-B495-75F45EBFDAFD}" = protocol=6 | dir=out | app=system |
"{6E10CA44-C475-4E36-BF3A-2E151C396E15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E9ABFCF-C36B-4CFD-B028-536C020F7AC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{962086F9-29D7-48FD-A3EF-C8851F5CFC13}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{9928CAB0-0FD5-47E7-91EB-FB619DF9178C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A137B803-5970-4E78-A488-C92A879B77DE}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{A7838222-2561-4A5F-BA90-19708518B332}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BC5410DC-1B13-47EF-9C18-6893C829FC6E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D72EB842-3B55-48CF-A492-4C24BE0A121B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA2F1D88-AFBE-4373-B713-19F302B2A031}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{F2BC7808-CCFA-471C-B516-1F5163BED1F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F8696B43-567E-4A45-8B9F-8BF94580DAC4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0398633E-FBE8-41BD-9A06-71DD9CB83ED3}D:\programy\tc up\plugins\media\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\programy\tc up\plugins\media\utorrent\utorrent.exe |
"TCP Query User{073234CF-3615-4EFD-9C5C-538A1BABCD8C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{35726C68-E592-458E-BD63-E029A403A1CE}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{4B6A816B-F4BE-49A8-B36E-2A1969780EB2}D:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe" = protocol=6 | dir=in | app=d:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe |
"TCP Query User{55B3DC34-41A3-469E-B47E-C4C8FD227003}D:\programy\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\programy\videolan\vlc\vlc.exe |
"TCP Query User{95F9007A-3347-4F95-B212-0917CBE3E4A1}D:\programy\tc up\totalcmd.exe" = protocol=6 | dir=in | app=d:\programy\tc up\totalcmd.exe |
"UDP Query User{37E55E67-6435-4215-93EF-BDE75DF76B6D}D:\programy\tc up\plugins\media\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\programy\tc up\plugins\media\utorrent\utorrent.exe |
"UDP Query User{B5D3CDB6-DD13-4B84-8A1D-4C57AAE67E1A}D:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe" = protocol=17 | dir=in | app=d:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe |
"UDP Query User{C5A4C1B2-9482-437A-BAEF-F261E9613B9E}D:\programy\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\programy\videolan\vlc\vlc.exe |
"UDP Query User{CB917EFE-675D-41E8-B41D-5005DDF2B1B2}D:\programy\tc up\totalcmd.exe" = protocol=17 | dir=in | app=d:\programy\tc up\totalcmd.exe |
"UDP Query User{D7699BF9-0C1D-4A85-B821-F84D178029AC}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D8DCD76A-F844-4A99-933F-B0B32B50DF12}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D8F982-2B93-4805-B15D-7569023A394D}" = O&O Defrag Professional
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{3D42871F-4A1E-82E5-9494-3012BA3084F2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6FCA487B-89F0-4378-E1BC-91B81BCD8C98}" = ccc-utility64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{E249010E-76D3-EABE-2B77-2D65533E69E1}" = AMD Fuel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"MediaInfo" = MediaInfo 0.7.61
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01208566-3ECA-2269-9464-B9D54CAA19D2}" = CCC Help Japanese
"{03526470-58DE-4747-BE3C-DF74675CE74E}" = CCC Help Portuguese
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B247BF7-D393-1855-C8B3-66DED90DCCB6}" = AMD VISION Engine Control Center
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{0F4F4A2E-1DE2-4C8A-909C-67489721E387}" = CCC Help Thai
"{15219EE8-4DCC-C6C5-CB04-351D4DD72ACF}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2057E683-CC91-4776-D1F4-9238EDA32453}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2CB4A748-1985-21E6-0C76-E6E7344214D9}" = CCC Help Chinese Standard
"{30B4DC9F-5A36-BB9A-FE7B-AA4A286D68B4}" = CCC Help Dutch
"{3340EEEA-6F9E-2CB8-664F-B649DE8FC5AD}" = CCC Help Norwegian
"{380BF882-CD65-4751-A62D-0D8068BF1B94}" = Adobe® Flash® Media Encoder
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{4006E884-3ADA-511C-414D-B4C65E329555}" = CCC Help Finnish
"{442CB906-7844-E2F5-A2EB-90D44C0BF2DF}" = Catalyst Control Center Localization All
"{480309C9-D398-28DE-997B-D4A4A462B650}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5BB25782-828F-D002-06A4-4669AC994A27}" = CCC Help Korean
"{6247BF8A-010A-5842-CD26-1D9F65C9CE3F}" = CCC Help Greek
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67D30650-3501-66ED-265A-20870A20A689}" = CCC Help English
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{8025CF4B-7610-B0E5-70CF-3330A5881009}" = CCC Help Italian
"{831FCA3C-4C9C-3618-107F-18AB91B403ED}" = CCC Help Danish
"{86404000-52CF-41AE-9B2E-85892F7CB7D4}" = PhoenixRC
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BB33BB92-4DD8-554E-50E0-8A9ED2F173BA}" = CCC Help Czech
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C913319D-F0AA-9688-F59A-3F28A99BA09D}" = CCC Help Polish
"{CBE14474-5281-1F66-5817-6E55B27647BF}" = CCC Help Russian
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EADAE0D0-85BA-D2AC-C0BD-A0CAC473D1AE}" = CCC Help Turkish
"{ED3A5341-6A7F-A5BB-FA7A-E9AC943BD1E9}" = CCC Help Hungarian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F011B8F1-BCCD-4E73-84F8-CB2F2D258755}" = Canon Utilities Digital Photo Professional 1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26A0BE8-FA51-ADE4-0CFC-88640AD0F512}" = CCC Help Swedish
"{FB774A35-5EFA-7070-5C23-ED6C00DE1103}" = CCC Help German
"{FB8BEF4C-E2B8-725E-F84A-AF6D1E4C8960}" = Catalyst Control Center Graphics Previews Common
"{FF58B613-6E26-88DE-EE5F-C59065C4A55B}" = CCC Help French
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AviSynth" = AviSynth 2.5
"Digital Photo Professional" = Canon Utilities Digital Photo Professional 3.11
"Easy CD-DA Extractor 16" = Easy CD-DA Extractor 16
"FLAC" = FLAC 1.2.1b (remove only)
"foobar2000" = foobar2000 v1.1.14a
"Google Updater" = Google Updater
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"InstallShield_{F011B8F1-BCCD-4E73-84F8-CB2F2D258755}" = Canon Utilities Digital Photo Professional 1.0
"Mozilla Firefox 16.0.2 (x86 cs)" = Mozilla Firefox 16.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"Opera 12.02.1578" = Opera 12.02
"rajče.net_is1" = rajče průvodce verze 1.59.42.257
"SugarSync" = SugarSync Manager
"TC UP" = Total Commander Ultima Prime 5.7.0.0
"VLC media player" = VLC media player 2.0.3
"YU2010_is1" = Your Uninstaller! 7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2876282606-4237110239-2556333555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.10.2012 10:39:52 | Computer Name = Tibor-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro d:\Programy\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady d:\Programy\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll
na řádku 8. Hodnota * atributu language v prvku assemblyIdentity je neplatná.
Error - 29.10.2012 13:13:09 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 0:55:20 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 1:51:28 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 2:46:09 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 4:23:55 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 4:38:31 | Computer Name = Tibor-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dreamcom.exe, verze: 0.0.0.0, časové razítko:
0x2a425e19 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00d271a0 ID chybujícího procesu: 0xb64 Čas spuštění
chybující aplikace: 0x01cdb679ef7cf09d Cesta k chybující aplikaci: C:\Program Files
(x86)\DreamCom\Dreamcom.exe Cesta k chybujícímu modulu: unknown ID zprávy: 2ee52455-226d-11e2-8908-88ae1d9ea53d
Error - 30.10.2012 8:37:56 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 9:07:18 | Computer Name = Tibor-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dreamcom.exe, verze: 0.0.0.0, časové razítko:
0x2a425e19 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00df71a0 ID chybujícího procesu: 0x14a4 Čas spuštění
chybující aplikace: 0x01cdb69f7b9b0b4a Cesta k chybující aplikaci: C:\Program Files
(x86)\DreamCom\Dreamcom.exe Cesta k chybujícímu modulu: unknown ID zprávy: badc9dcf-2292-11e2-8549-88ae1d9ea53d
Error - 30.10.2012 9:25:22 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 6.8.2012 4:46:30 | Computer Name = Tibor-PC | Source = MCUpdate | ID = 0
Description = 10:46:29 - Chyba při připojování k Internetu 10:46:30 - Nelze kontaktovat
server..
Error - 6.8.2012 4:46:44 | Computer Name = Tibor-PC | Source = MCUpdate | ID = 0
Description = 10:46:35 - Chyba při připojování k Internetu 10:46:35 - Nelze kontaktovat
server..
[ System Events ]
Error - 23.10.2012 8:23:03 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 8:23:03 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 8:23:04 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 8:23:04 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 9:18:32 | Computer Name = Tibor-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 26.10.2012 11:44:16 | Computer Name = Tibor-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 27.10.2012 0:29:55 | Computer Name = Tibor-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 28.10.2012 3:53:11 | Computer Name = Tibor-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.
Error - 28.10.2012 5:48:56 | Computer Name = Tibor-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 29.10.2012 13:16:57 | Computer Name = Tibor-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tibor\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,75 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 61,75% Memory free
7,49 Gb Paging File | 5,82 Gb Available in Paging File | 77,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,95 Gb Total Space | 10,85 Gb Free Space | 27,85% Space Free | Partition Type: NTFS
Drive D: | 426,70 Gb Total Space | 43,70 Gb Free Space | 10,24% Space Free | Partition Type: NTFS
Computer Name: TIBOR-PC | User Name: Tibor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programy\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1199821C-8BF2-425F-B292-DFC6C1AF476C}" = lport=137 | protocol=17 | dir=in | app=system |
"{12A66C87-7D56-4839-9F89-3F4549CA5B68}" = rport=139 | protocol=6 | dir=out | app=system |
"{1A7E314C-A2C1-43F7-9417-600EC311519C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AE9B921-8BFB-4B73-8BC7-0772DBF048CA}" = lport=138 | protocol=17 | dir=in | app=system |
"{2C11539C-D316-488D-A59D-2246A8F42A82}" = rport=137 | protocol=17 | dir=out | app=system |
"{4B17EC4B-3975-4157-913F-C7E96D0EDFE5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4FBFEA8C-C14F-434F-A654-734D7830C1AF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{60C7A02F-B042-43C9-80B1-73487923D1DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6137FF7C-FD2B-46CB-97B7-CEA934F20FB2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65B31B00-1D71-46FC-8CA0-161207005211}" = rport=138 | protocol=17 | dir=out | app=system |
"{6CDFA937-EF6F-44EA-9E70-FBFD3F7F761D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{801AF7E8-034D-409D-B96A-3E67ABBF3CEA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{93F4A5F7-38F9-4289-9FD1-1A914EC77F4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{97D19086-1B8C-4B39-B665-D733C8A765C2}" = lport=139 | protocol=6 | dir=in | app=system |
"{AAE029AE-5FCD-4DF1-B512-8267A7C2AC7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1F4DF68-EB55-4A11-B352-FC33296850DD}" = lport=80 | protocol=6 | dir=in | name=www |
"{BE9833E1-9F65-4C3E-A7FA-9A30F102E4DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BF7E2F35-F82F-44F1-824C-FF8F612CE2E6}" = lport=445 | protocol=6 | dir=in | app=system |
"{C524CDD9-6C04-4FFA-9C60-D68D7011D718}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E2F24FD2-4C16-41AE-94D2-A110692C6D8F}" = rport=445 | protocol=6 | dir=out | app=system |
"{E5062A51-D572-48C8-ACBA-4CF9C2CC48A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E7159BE7-5148-4A46-82E9-FF1601AB0AA3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021330D2-5EC0-42B5-BAD0-F10E3688ED40}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{04AFF880-F62D-450A-8FE8-A3BB1FFC2DC6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D3F0181-CF9A-4881-8FF1-ED77004AEA0C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{153841FE-9017-44CE-9DDA-6B03C7DE69EE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{16764893-6826-44F2-A862-3D60A5C4BD87}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{1822E041-B9CC-4A7D-B0F8-E22B2230F283}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{23263373-F7AB-4E10-8664-D14C1EE1989B}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{28F845DF-104B-4C63-B753-DEB5543CEC89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C6F296E-0021-4829-BF1D-B30798F6AEA7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2D03129D-AE44-4AEB-9434-31BB3B374B38}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2D8C61CB-3E5F-48FF-A9FD-119717BB6A9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3441FCBA-6CC4-4BCB-9CAC-175B891093A0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3F469605-B1E7-43F7-A5FC-39CC657B6874}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{68C27732-E3AA-4076-B495-75F45EBFDAFD}" = protocol=6 | dir=out | app=system |
"{6E10CA44-C475-4E36-BF3A-2E151C396E15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E9ABFCF-C36B-4CFD-B028-536C020F7AC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{962086F9-29D7-48FD-A3EF-C8851F5CFC13}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{9928CAB0-0FD5-47E7-91EB-FB619DF9178C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A137B803-5970-4E78-A488-C92A879B77DE}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{A7838222-2561-4A5F-BA90-19708518B332}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BC5410DC-1B13-47EF-9C18-6893C829FC6E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D72EB842-3B55-48CF-A492-4C24BE0A121B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA2F1D88-AFBE-4373-B713-19F302B2A031}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{F2BC7808-CCFA-471C-B516-1F5163BED1F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F8696B43-567E-4A45-8B9F-8BF94580DAC4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0398633E-FBE8-41BD-9A06-71DD9CB83ED3}D:\programy\tc up\plugins\media\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\programy\tc up\plugins\media\utorrent\utorrent.exe |
"TCP Query User{073234CF-3615-4EFD-9C5C-538A1BABCD8C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{35726C68-E592-458E-BD63-E029A403A1CE}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{4B6A816B-F4BE-49A8-B36E-2A1969780EB2}D:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe" = protocol=6 | dir=in | app=d:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe |
"TCP Query User{55B3DC34-41A3-469E-B47E-C4C8FD227003}D:\programy\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\programy\videolan\vlc\vlc.exe |
"TCP Query User{95F9007A-3347-4F95-B212-0917CBE3E4A1}D:\programy\tc up\totalcmd.exe" = protocol=6 | dir=in | app=d:\programy\tc up\totalcmd.exe |
"UDP Query User{37E55E67-6435-4215-93EF-BDE75DF76B6D}D:\programy\tc up\plugins\media\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\programy\tc up\plugins\media\utorrent\utorrent.exe |
"UDP Query User{B5D3CDB6-DD13-4B84-8A1D-4C57AAE67E1A}D:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe" = protocol=17 | dir=in | app=d:\seznam\usbwebserver v8.5\usbwebserver v8.5\8.5\mysql\bin\mysqld_usbwv8.exe |
"UDP Query User{C5A4C1B2-9482-437A-BAEF-F261E9613B9E}D:\programy\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\programy\videolan\vlc\vlc.exe |
"UDP Query User{CB917EFE-675D-41E8-B41D-5005DDF2B1B2}D:\programy\tc up\totalcmd.exe" = protocol=17 | dir=in | app=d:\programy\tc up\totalcmd.exe |
"UDP Query User{D7699BF9-0C1D-4A85-B821-F84D178029AC}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D8DCD76A-F844-4A99-933F-B0B32B50DF12}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D8F982-2B93-4805-B15D-7569023A394D}" = O&O Defrag Professional
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{3D42871F-4A1E-82E5-9494-3012BA3084F2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6FCA487B-89F0-4378-E1BC-91B81BCD8C98}" = ccc-utility64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{E249010E-76D3-EABE-2B77-2D65533E69E1}" = AMD Fuel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"MediaInfo" = MediaInfo 0.7.61
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01208566-3ECA-2269-9464-B9D54CAA19D2}" = CCC Help Japanese
"{03526470-58DE-4747-BE3C-DF74675CE74E}" = CCC Help Portuguese
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B247BF7-D393-1855-C8B3-66DED90DCCB6}" = AMD VISION Engine Control Center
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{0F4F4A2E-1DE2-4C8A-909C-67489721E387}" = CCC Help Thai
"{15219EE8-4DCC-C6C5-CB04-351D4DD72ACF}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2057E683-CC91-4776-D1F4-9238EDA32453}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2CB4A748-1985-21E6-0C76-E6E7344214D9}" = CCC Help Chinese Standard
"{30B4DC9F-5A36-BB9A-FE7B-AA4A286D68B4}" = CCC Help Dutch
"{3340EEEA-6F9E-2CB8-664F-B649DE8FC5AD}" = CCC Help Norwegian
"{380BF882-CD65-4751-A62D-0D8068BF1B94}" = Adobe® Flash® Media Encoder
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{4006E884-3ADA-511C-414D-B4C65E329555}" = CCC Help Finnish
"{442CB906-7844-E2F5-A2EB-90D44C0BF2DF}" = Catalyst Control Center Localization All
"{480309C9-D398-28DE-997B-D4A4A462B650}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5BB25782-828F-D002-06A4-4669AC994A27}" = CCC Help Korean
"{6247BF8A-010A-5842-CD26-1D9F65C9CE3F}" = CCC Help Greek
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67D30650-3501-66ED-265A-20870A20A689}" = CCC Help English
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{8025CF4B-7610-B0E5-70CF-3330A5881009}" = CCC Help Italian
"{831FCA3C-4C9C-3618-107F-18AB91B403ED}" = CCC Help Danish
"{86404000-52CF-41AE-9B2E-85892F7CB7D4}" = PhoenixRC
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BB33BB92-4DD8-554E-50E0-8A9ED2F173BA}" = CCC Help Czech
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C913319D-F0AA-9688-F59A-3F28A99BA09D}" = CCC Help Polish
"{CBE14474-5281-1F66-5817-6E55B27647BF}" = CCC Help Russian
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EADAE0D0-85BA-D2AC-C0BD-A0CAC473D1AE}" = CCC Help Turkish
"{ED3A5341-6A7F-A5BB-FA7A-E9AC943BD1E9}" = CCC Help Hungarian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F011B8F1-BCCD-4E73-84F8-CB2F2D258755}" = Canon Utilities Digital Photo Professional 1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26A0BE8-FA51-ADE4-0CFC-88640AD0F512}" = CCC Help Swedish
"{FB774A35-5EFA-7070-5C23-ED6C00DE1103}" = CCC Help German
"{FB8BEF4C-E2B8-725E-F84A-AF6D1E4C8960}" = Catalyst Control Center Graphics Previews Common
"{FF58B613-6E26-88DE-EE5F-C59065C4A55B}" = CCC Help French
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AviSynth" = AviSynth 2.5
"Digital Photo Professional" = Canon Utilities Digital Photo Professional 3.11
"Easy CD-DA Extractor 16" = Easy CD-DA Extractor 16
"FLAC" = FLAC 1.2.1b (remove only)
"foobar2000" = foobar2000 v1.1.14a
"Google Updater" = Google Updater
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"InstallShield_{F011B8F1-BCCD-4E73-84F8-CB2F2D258755}" = Canon Utilities Digital Photo Professional 1.0
"Mozilla Firefox 16.0.2 (x86 cs)" = Mozilla Firefox 16.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"Opera 12.02.1578" = Opera 12.02
"rajče.net_is1" = rajče průvodce verze 1.59.42.257
"SugarSync" = SugarSync Manager
"TC UP" = Total Commander Ultima Prime 5.7.0.0
"VLC media player" = VLC media player 2.0.3
"YU2010_is1" = Your Uninstaller! 7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2876282606-4237110239-2556333555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.10.2012 10:39:52 | Computer Name = Tibor-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro d:\Programy\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady d:\Programy\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll
na řádku 8. Hodnota * atributu language v prvku assemblyIdentity je neplatná.
Error - 29.10.2012 13:13:09 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 0:55:20 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 1:51:28 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 2:46:09 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 4:23:55 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 4:38:31 | Computer Name = Tibor-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dreamcom.exe, verze: 0.0.0.0, časové razítko:
0x2a425e19 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00d271a0 ID chybujícího procesu: 0xb64 Čas spuštění
chybující aplikace: 0x01cdb679ef7cf09d Cesta k chybující aplikaci: C:\Program Files
(x86)\DreamCom\Dreamcom.exe Cesta k chybujícímu modulu: unknown ID zprávy: 2ee52455-226d-11e2-8908-88ae1d9ea53d
Error - 30.10.2012 8:37:56 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 9:07:18 | Computer Name = Tibor-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dreamcom.exe, verze: 0.0.0.0, časové razítko:
0x2a425e19 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00df71a0 ID chybujícího procesu: 0x14a4 Čas spuštění
chybující aplikace: 0x01cdb69f7b9b0b4a Cesta k chybující aplikaci: C:\Program Files
(x86)\DreamCom\Dreamcom.exe Cesta k chybujícímu modulu: unknown ID zprávy: badc9dcf-2292-11e2-8549-88ae1d9ea53d
Error - 30.10.2012 9:25:22 | Computer Name = Tibor-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 6.8.2012 4:46:30 | Computer Name = Tibor-PC | Source = MCUpdate | ID = 0
Description = 10:46:29 - Chyba při připojování k Internetu 10:46:30 - Nelze kontaktovat
server..
Error - 6.8.2012 4:46:44 | Computer Name = Tibor-PC | Source = MCUpdate | ID = 0
Description = 10:46:35 - Chyba při připojování k Internetu 10:46:35 - Nelze kontaktovat
server..
[ System Events ]
Error - 23.10.2012 8:23:03 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 8:23:03 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 8:23:04 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 8:23:04 | Computer Name = Tibor-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 23.10.2012 9:18:32 | Computer Name = Tibor-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 26.10.2012 11:44:16 | Computer Name = Tibor-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 27.10.2012 0:29:55 | Computer Name = Tibor-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 28.10.2012 3:53:11 | Computer Name = Tibor-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.
Error - 28.10.2012 5:48:56 | Computer Name = Tibor-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 29.10.2012 13:16:57 | Computer Name = Tibor-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.
< End of report >
Re: Prosím o kontrolu, děkuji.
Achjo, dalsi nelegalni system 
Bohuzel, pravidla fora hovori jasne.
http://forum.viry.cz/viewtopic.php?f=12&t=115512
Bohuzel, pravidla fora hovori jasne.
http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu, děkuji.
Tak si s prominutím trhni nohou, čekat dva dni a nic z toho tak to je rychlejší přeinstalace a asi i bezpečnější.
Re: Prosím o kontrolu, děkuji.
Uz jsem si trhl, bylo to prijemne
Stacilo mit legalni system, nic vic, nic min
Stacilo mit legalni system, nic vic, nic min
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?