Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Přehřívání PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Přehřívání PC

#1 Příspěvek od Kubelle »

Dobrý den, poslední dobou mám problém s PC a nevím si s ním rady, všimnul jsem si, že již zde řešené problémy připomínají ve směs i můj problém, proto jsem se rozhodl i já vás poprosit o pomoc. Pravděpodobně po mě budete zřejmě potřebovat nějaký log s mým problémem. Nemám s tímto zkušenost poprosil bych tedy návod jak vám tento log vytvořit, aby jste mi mohli pomoci.

Mnou zpozorované problémy:
1. Systém windows se startuje mnohem pomaleji (mám namysli čas než naskočí přihlašování)
2. Hry, které vždy běželi bez problémů se nesnesitelně sekají a způsobují přehřátí počítače - i ty méně náročné. (vypnutí a já pak musím čekat než PC vychladne) - Ohledně tohoto jsem již pc rozebral a očistil od nečistot, kterých tam ani moc nebylo, proto mě napadlo zda to není způsobeno softwarem. Objevil jsem v počítači program SweetIM, který jste tu již rešili, napadá mě zda i on v tomto nemá prsty.
3. Po startu windows mi naskočí jakýsi update něčeho co vám nedokážu popsat jelikož svůj název skrývá pod podivnými znaky. (nejsem si jist ale mám pocit že jde o azbuku - toto ještě doplním po restartu pc)
4. Nemám ponětí co přesně se mi přehřívá, ale je to umístěno na levo od touchpadu (Možná zvuková karta? na té straně mám vstupy na mikrofon a sluchátka). Při hraní her je toto místo neskutečně horké, že se ho téměř nedá ani dotknout. Byl bych rád, kdybych alespoň věděl cože se to přehřívá.

Vlastním notebook HP pavilion dv6, byl bych rád když by jste mi někdo dokázal pomoci, protože sám už si nevím rady. V době kdy píšu tyto řádky skenuji počítač pomocí AVG, zatím nic nenachází.

Děkuji předem za jakoukoliv pomoc...
Naposledy upravil(a) Mc_Murphy dne 25 lis 2012 18:13, celkem upraveno 1 x.
Důvod: Thread přesunut do správné sekce.
Nahoru
tuvok07
Přítel fóra
Přítel fóra
Příspěvky: 1198
Registrován: 07 bře 2007 17:10
Kontaktovat uživatele:
Kontaktovat uživatele tuvok07

Re: Přehřívání PC

#2 Příspěvek od tuvok07 »

Jste ve špatné sekci ale to nevadí, Pro začátek vložte log z RSIT podle návodu zde http://forum.viry.cz/viewtopic.php?f=13&t=105895
Albert Einstein: Jen dvě věci jsou nekonečné - vesmír a lidská hloupost. Tím prvním si ovšem nejsem tak jist.
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#3 Příspěvek od Kubelle »

Tak tady je ten log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kubelle at 2012-11-25 14:53:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 61 GB (13%) free of 455 GB
Total RAM: 3835 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:17, on 25.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\Kubelle\AppData\Roaming\QipGuard\QipGuard.exe
C:\Users\Kubelle\AppData\Local\Akamai\netsession_win.exe
C:\Users\Kubelle\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\TopSpace\bin\TopSpaceService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Kubelle.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 2713DD762F}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 2713DD762F}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbhelper.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O2 - BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: AppIs Search Class - {C1C92372-4705-4020-998B-D1E5E95716C3} - C:\Users\Kubelle\AppData\Local\AppIs\appis.dll
O2 - BHO: TopSpaceHelper - {C8625893-2C0F-4484-8C18-52B00D5A8BB9} - C:\Program Files (x86)\TopSpace\bin\TopSpaceHelper.dll
O2 - BHO: żŔÇÂĹÇ - {DA742A73-CFA7-4DE2-BF28-1FC51CF214BC} - C:\Users\Kubelle\AppData\Roaming\OpenTab\OpenTab.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: TBSB09850 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Opentab] C:\Users\Kubelle\AppData\Roaming\Opentab\Opentab.exe
O4 - HKCU\..\Run: [Opentabup] "c:\users\kubelle\appdata\roaming\opentab\opentabup.exe"
O4 - HKCU\..\Run: [FDoumiStart] "c:\users\kubelle\appdata\roaming\filedoumi\filedoumiupgrade.exe"
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ľŰŔĚÁî 11ąř°ˇ ąŮ·Î°ˇ±â - {68C04328-167E-446A-AC57-4A04DAD74BDC} - http://qlink-click.goodcomms.co.kr/clic ... _name=11st (file missing)
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ľŰŔĚÁî żÁĽÇ ąŮ·Î°ˇ±â - {A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB} - http://qlink-click.goodcomms.co.kr/clic ... cu_auction (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ľŰŔĚÁî G¸¶ÄĎ ąŮ·Î°ˇ±â - {E5990159-7CB9-4E2C-A27E-4C23E2FA70E6} - http://qlink-click.goodcomms.co.kr/clic ... me=gmarket (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files (x86)\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program Files (x86)\InterBase\bin\ibserver.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18211 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000UA.job
C:\Windows\tasks\HPCeeScheduleForKubelle.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default

prefs.js - "browser.startup.homepage" - "http://home.sweetim.com/?crg=3.1010000. ... 2713DD762F}"
prefs.js - "extensions.enabledItems" - "otis@digitalpersona.com:5.0.0.4248, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?sr ... DD762F}&q="
prefs.js - "browser.startup.homepage" - "http://search.chatzum.com/"

"otis@digitalpersona.com"=C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
"Cetrumcz@igeared"=C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files (x86)\AVG\AVG2012\Firefox4\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\ProgramData\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions\
plugin@yontoo.com
{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\searchplugins\
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP SimplePass Identity Protection Extension - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll [2009-12-30 1262856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2012-06-24 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1C92372-4705-4020-998B-D1E5E95716C3}]
AppIs Search Class - C:\Users\Kubelle\AppData\Local\AppIs\appis.dll [2012-10-10 944304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8625893-2C0F-4484-8C18-52B00D5A8BB9}]
TopSpaceHelper Class - C:\Program Files (x86)\TopSpace\bin\TopSpaceHelper.dll [2012-11-09 132240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA742A73-CFA7-4DE2-BF28-1FC51CF214BC}]
żŔÇÂĹÇ - C:\Users\Kubelle\AppData\Roaming\OpenTab\OpenTab.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-04 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
TBSB09850 Class - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll [2012-08-29 2665984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-03-27 792864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - ChatZum Toolbar - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll [2012-08-29 2665984]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-01-25 61112]
""= []
"PinnacleDriverCheck"=C:\Windows\system32\PSDrvCheck.exe [2004-03-10 406016]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Opentab"=C:\Users\Kubelle\AppData\Roaming\Opentab\Opentab.exe []
"Opentabup"=c:\users\kubelle\appdata\roaming\opentab\opentabup.exe []
"FDoumiStart"=c:\users\kubelle\appdata\roaming\filedoumi\filedoumiupgrade.exe [2012-08-29 209000]
"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Kubelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-05-15 52920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=vdrcodec.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.vorbis"=vorbis.acm
"VIDC.MJPG"=Pvmjpg21.dll
"VIDC.PIM1"=pclepim1.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"VIDC.WMV3"=wmv9vcm.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-25 14:53:08 ----D---- C:\rsit
2012-11-25 14:53:08 ----D---- C:\Program Files (x86)\trend micro
2012-11-22 19:57:20 ----D---- C:\AMD
2012-11-20 18:06:03 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-18 14:32:42 ----A---- C:\Windows\_delis32.ini
2012-11-14 07:03:38 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-11-14 07:03:38 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\netevent.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\netcorehc.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\ncsi.dll
2012-11-14 07:00:25 ----A---- C:\Windows\SysWOW64\synceng.dll
2012-11-10 21:59:04 ----D---- C:\ProgramData\SweetIM
2012-11-10 21:59:04 ----D---- C:\Program Files (x86)\SweetIM

======List of files/folders modified in the last 1 month======

2012-11-25 14:53:08 ----D---- C:\Program Files (x86)
2012-11-25 11:51:27 ----D---- C:\Users\Kubelle\AppData\Roaming\Audacity
2012-11-25 11:16:35 ----D---- C:\Users\Kubelle\AppData\Roaming\ICQ
2012-11-25 11:15:52 ----D---- C:\Windows\Temp
2012-11-25 11:15:49 ----D---- C:\ProgramData\MFAData
2012-11-25 11:07:58 ----D---- C:\Program Files (x86)\Steam
2012-11-25 11:07:41 ----D---- C:\Program Files (x86)\Common Files\Akamai
2012-11-24 16:31:05 ----D---- C:\Windows\System32
2012-11-24 16:31:05 ----D---- C:\Windows\inf
2012-11-23 21:12:17 ----SHD---- C:\System Volume Information
2012-11-23 20:17:47 ----D---- C:\Games
2012-11-21 06:28:19 ----D---- C:\Windows\Tasks
2012-11-20 18:06:20 ----SHD---- C:\Windows\Installer
2012-11-19 08:26:38 ----D---- C:\Users\Kubelle\AppData\Roaming\Adobe
2012-11-19 08:24:40 ----D---- C:\ProgramData\Adobe
2012-11-18 20:51:54 ----D---- C:\ProgramData\PMB Files
2012-11-18 20:51:49 ----D---- C:\Users\Kubelle\AppData\Roaming\Skype
2012-11-18 15:20:52 ----D---- C:\Windows
2012-11-17 19:12:54 ----D---- C:\Program Files (x86)\QuickTime
2012-11-17 19:12:41 ----D---- C:\Windows\SysWOW64
2012-11-15 22:42:14 ----RSD---- C:\Windows\assembly
2012-11-15 22:42:14 ----D---- C:\Windows\Microsoft.NET
2012-11-15 18:09:41 ----D---- C:\Windows\winsxs
2012-11-15 18:06:02 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-11-15 18:05:58 ----D---- C:\Windows\SysWOW64\migration
2012-11-15 18:05:52 ----RSD---- C:\Windows\Fonts
2012-11-14 10:49:21 ----D---- C:\ProgramData\Microsoft Help
2012-11-10 21:59:22 ----SD---- C:\Users\Kubelle\AppData\Roaming\Microsoft
2012-11-10 21:59:04 ----HD---- C:\ProgramData
2012-11-01 08:33:51 ----D---- C:\Windows\Prefetch
2012-10-30 21:14:07 ----D---- C:\Users\Kubelle\AppData\Roaming\hpqLog
2012-10-29 08:42:53 ----D---- C:\Users\Kubelle\AppData\Roaming\FileDoumi
2012-10-29 07:34:31 ----D---- C:\Windows\rescache
2012-10-28 07:00:15 ----D---- C:\Program Files (x86)\Common Files\Steam

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
R1 DVMIO;DeviceVM IO Service; C:\Windows\system32\DRIVERS\dvmio.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys []
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2004-07-16 14165]
S3 1394hub;1394 Enabled Hub; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ASAPIW2k;ASAPIW2K; C:\Windows\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCSoft\Lineage II\system\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-02 4682]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe [2009-03-03 89600]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-01-28 920352]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-30 444680]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-03-05 338168]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\System32\ezSharedSvcHost.exe [2010-01-25 514232]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2010-11-19 194512]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe [2010-02-01 244736]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-01-05 1791280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 136176]
S3 InterBaseGuardian;InterBase Guardian; C:\Program Files (x86)\InterBase\bin\ibguard.exe [2000-06-23 22016]
S3 InterBaseServer;InterBase Server; C:\Program Files (x86)\InterBase\bin\ibserver.exe [2000-06-23 1702400]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2011-03-28 4323256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-10-27 529744]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Přehřívání PC

#4 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Search
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#5 Příspěvek od Kubelle »

Dobrý den, tak tady je ten log z adwcleaner:

Ještě musím zmínit, že když jsem zavíral tento program potom co mi to vyhodilo log, tak mi to napsalo něco o tom, že nalezené věci nebyli odstraněny (delete) a že pokud je chci odstranit musim program restartovat a stisknout tlačítko na smazání. Nevěděl jsem co dělat tak jsem raději nedělal nic. Zavíral jsem ho přes "X".

# AdwCleaner v2.009 - Logfile created 11/26/2012 at 18:50:22
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kubelle - KUBELLE-PC
# Boot Mode : Normal
# Running from : C:\Users\Kubelle\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Found : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
File Found : C:\Users\Kubelle\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\searchplugins\SweetIm.xml
File Found : C:\Users\Kubelle\Desktop\Search The Web.url
File Found : C:\Users\Kubelle\Desktop\sweetpcfix.url
Folder Found : C:\Program Files (x86)\ChatZum Toolbar
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\Program Files (x86)\Yontoo
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\JK Agency\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\JK Agency\AppData\Roaming\Mozilla\Firefox\Profiles\f8xbw1av.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Folder Found : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Found : C:\Users\Kubelle\AppData\Local\Temp\AskSearch
Folder Found : C:\Users\Kubelle\AppData\Local\Temp\OpenCandy
Folder Found : C:\Users\Kubelle\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Kubelle\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Folder Found : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Found : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions\plugin@yontoo.com

***** [Registry] *****

Key Found : HKCU\Software\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ChatZum Toolbar
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TBSB09850.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\TBSB09850.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\TBSB09850.TBSB09850
Key Found : HKLM\SOFTWARE\Classes\TBSB09850.TBSB09850.3
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB09850
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB09850.1
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\ChatZum Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-002713DD762F}
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.chatzum.com/
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-002713DD762F}

-\\ Mozilla Firefox v3.6.8 (cs)

Profile name : default
File : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Found : user_pref("browser.search.selectedEngine", "SweetIM Search");
Found : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-[...]
Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&barid={76DDF812-2B79-11E2-AAA9-[...]
Found : user_pref("browser.startup.homepage", "hxxp://search.chatzum.com/");
Found : user_pref("browser.newtab.url", "search.chatzum.com");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mirostart.com/?cfg=2-365-0-..[...]
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DD[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Centrum.cz Search");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Centrum.cz Search");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.centrum.cz/index.php?toolbar=centru[...]

Profile name : default
File : C:\Users\JK Agency\AppData\Roaming\Mozilla\Firefox\Profiles\f8xbw1av.default\prefs.js

Found : user_pref("browser.startup.homepage", "hxxp://search.chatzum.com/");
Found : user_pref("browser.newtab.url", "search.chatzum.com");

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.16] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-002713DD762F}",
Found [l.1858] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-002713DD762F}",

*************************

AdwCleaner[R1].txt - [10327 octets] - [26/11/2012 18:50:22]

########## EOF - C:\AdwCleaner[R1].txt - [10388 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Přehřívání PC

#6 Příspěvek od vyosek »

Zdravim :)

:arrow: Tak je ted smaznem :James008:

:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Delete
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#7 Příspěvek od Kubelle »

Hlásím že cca ve 3/4 mazání mi vyskočilo AVG a vyhodnotilo program AdwCleaner jako hrozbu. Dal jsem "Povolit", pak naskočila anglicky psaná tabulka informující mě o něčem okolo těch právě se mazaných souborech, následně tabulka, co mě informovala o restartu pc, následoval restart a vyskočil log.

Tady je:

# AdwCleaner v2.009 - Logfile created 11/26/2012 at 19:03:27
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kubelle - KUBELLE-PC
# Boot Mode : Normal
# Running from : C:\Users\Kubelle\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Deleted : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
File Deleted : C:\Users\Kubelle\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Kubelle\Desktop\Search The Web.url
File Deleted : C:\Users\Kubelle\Desktop\sweetpcfix.url
Folder Deleted : C:\Program Files (x86)\ChatZum Toolbar
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\JK Agency\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\JK Agency\AppData\Roaming\Mozilla\Firefox\Profiles\f8xbw1av.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Folder Deleted : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Deleted : C:\Users\Kubelle\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Kubelle\AppData\Local\Temp\OpenCandy
Folder Deleted : C:\Users\Kubelle\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Kubelle\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Folder Deleted : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions\plugin@yontoo.com

***** [Registry] *****

Key Deleted : HKCU\Software\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ChatZum Toolbar
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB09850.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB09850.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB09850.TBSB09850
Key Deleted : HKLM\SOFTWARE\Classes\TBSB09850.TBSB09850.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB09850
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB09850.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ChatZum Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-002713DD762F} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.chatzum.com/ --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-002713DD762F} --> hxxp://www.google.com

-\\ Mozilla Firefox v3.6.8 (cs)

Profile name : default
File : C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\prefs.js

C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted : user_pref("browser.search.selectedEngine", "SweetIM Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-[...]
Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&barid={76DDF812-2B79-11E2-AAA9-[...]
Deleted : user_pref("browser.startup.homepage", "hxxp://search.chatzum.com/");
Deleted : user_pref("browser.newtab.url", "search.chatzum.com");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mirostart.com/?cfg=2-365-0-..[...]
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DD[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Centrum.cz Search");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Centrum.cz Search");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.centrum.cz/index.php?toolbar=centru[...]

Profile name : default
File : C:\Users\JK Agency\AppData\Roaming\Mozilla\Firefox\Profiles\f8xbw1av.default\prefs.js

Deleted : user_pref("browser.startup.homepage", "hxxp://search.chatzum.com/");
Deleted : user_pref("browser.newtab.url", "search.chatzum.com");

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.16] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-00271[...]
Deleted [l.1858] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={76DDF812-2B79-11E2-AAA9-002713DD[...]

*************************

AdwCleaner[R1].txt - [10444 octets] - [26/11/2012 18:50:22]
AdwCleaner[S1].txt - [10852 octets] - [26/11/2012 19:03:27]

########## EOF - C:\AdwCleaner[S1].txt - [10913 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Přehřívání PC

#8 Příspěvek od vyosek »

:arrow: Trvate na antiviru avg ? U nas neni moc obliben - vyssi zatez systemu, slabsi detekce. Ja bych byl pro zmenu, ale vy rozhodnete
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#9 Příspěvek od Kubelle »

Že bych na něm trval to asi ne, používám ho protože jsem na něj zvyklý. Pokud mi řeknete, že jiný antivir poslouží stejně nebo i líp, tak budu jen rád.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Přehřívání PC

#10 Příspěvek od vyosek »

:arrow: Tak jej odinstalujte a nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

:arrow: Pak dejte novy log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#11 Příspěvek od Kubelle »

Provedeno :) AVG si šlo svou cestou a já vítám ve svém počítači novou bezpečnostní agenturu Avast!

nový log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kubelle at 2012-11-27 19:43:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 60 GB (13%) free of 455 GB
Total RAM: 3835 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:43:18, on 27.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kubelle\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Kubelle.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbhelper.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O2 - BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: AppIs Search Class - {C1C92372-4705-4020-998B-D1E5E95716C3} - C:\Users\Kubelle\AppData\Local\AppIs\appis.dll
O2 - BHO: TopSpaceHelper - {C8625893-2C0F-4484-8C18-52B00D5A8BB9} - C:\Program Files (x86)\TopSpace\bin\TopSpaceHelper.dll
O2 - BHO: żŔÇÂĹÇ - {DA742A73-CFA7-4DE2-BF28-1FC51CF214BC} - C:\Users\Kubelle\AppData\Roaming\OpenTab\OpenTab.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O2 - BHO: TBSB09850 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll (file missing)
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (file missing)
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Opentab] C:\Users\Kubelle\AppData\Roaming\Opentab\Opentab.exe
O4 - HKCU\..\Run: [Opentabup] "c:\users\kubelle\appdata\roaming\opentab\opentabup.exe"
O4 - HKCU\..\Run: [FDoumiStart] "c:\users\kubelle\appdata\roaming\filedoumi\filedoumiupgrade.exe"
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ľŰŔĚÁî 11ąř°ˇ ąŮ·Î°ˇ±â - {68C04328-167E-446A-AC57-4A04DAD74BDC} - http://qlink-click.goodcomms.co.kr/clic ... _name=11st (file missing)
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ľŰŔĚÁî żÁĽÇ ąŮ·Î°ˇ±â - {A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB} - http://qlink-click.goodcomms.co.kr/clic ... cu_auction (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ľŰŔĚÁî G¸¶ÄĎ ąŮ·Î°ˇ±â - {E5990159-7CB9-4E2C-A27E-4C23E2FA70E6} - http://qlink-click.goodcomms.co.kr/clic ... me=gmarket (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files (x86)\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Program Files (x86)\InterBase\bin\ibserver.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16130 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000UA.job
C:\Windows\tasks\HPCeeScheduleForKubelle.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default

prefs.js - "extensions.enabledItems" - "otis@digitalpersona.com:5.0.0.4248, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8"

"otis@digitalpersona.com"=C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
"Cetrumcz@igeared"=C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\ProgramData\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP SimplePass Identity Protection Extension - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll [2009-12-30 1262856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1C92372-4705-4020-998B-D1E5E95716C3}]
AppIs Search Class - C:\Users\Kubelle\AppData\Local\AppIs\appis.dll [2012-10-10 944304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8625893-2C0F-4484-8C18-52B00D5A8BB9}]
TopSpaceHelper Class - C:\Program Files (x86)\TopSpace\bin\TopSpaceHelper.dll [2012-11-09 132240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA742A73-CFA7-4DE2-BF28-1FC51CF214BC}]
żŔÇÂĹÇ - C:\Users\Kubelle\AppData\Roaming\OpenTab\OpenTab.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-04 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
TBSB09850 Class - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - ChatZum Toolbar - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll []
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-01-25 61112]
""= []
"PinnacleDriverCheck"=C:\Windows\system32\PSDrvCheck.exe [2004-03-10 406016]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Opentab"=C:\Users\Kubelle\AppData\Roaming\Opentab\Opentab.exe []
"Opentabup"=c:\users\kubelle\appdata\roaming\opentab\opentabup.exe []
"FDoumiStart"=c:\users\kubelle\appdata\roaming\filedoumi\filedoumiupgrade.exe [2012-08-29 209000]
"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Kubelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-05-15 52920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=vdrcodec.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.vorbis"=vorbis.acm
"VIDC.MJPG"=Pvmjpg21.dll
"VIDC.PIM1"=pclepim1.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"VIDC.WMV3"=wmv9vcm.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-27 19:37:28 ----A---- C:\Windows\avastSS.scr
2012-11-27 19:37:27 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2012-11-27 19:37:13 ----D---- C:\ProgramData\AVAST Software
2012-11-26 19:03:27 ----A---- C:\AdwCleaner[S1].txt
2012-11-26 18:50:22 ----A---- C:\AdwCleaner[R1].txt
2012-11-25 14:53:08 ----D---- C:\rsit
2012-11-25 14:53:08 ----D---- C:\Program Files (x86)\trend micro
2012-11-22 19:57:20 ----D---- C:\AMD
2012-11-20 18:06:03 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-18 14:32:42 ----A---- C:\Windows\_delis32.ini
2012-11-14 07:03:38 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-11-14 07:03:38 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\netevent.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\netcorehc.dll
2012-11-14 07:02:03 ----A---- C:\Windows\SysWOW64\ncsi.dll
2012-11-14 07:00:25 ----A---- C:\Windows\SysWOW64\synceng.dll

======List of files/folders modified in the last 1 month======

2012-11-27 19:43:19 ----D---- C:\Windows\Temp
2012-11-27 19:37:54 ----D---- C:\Windows\SysWOW64
2012-11-27 19:37:54 ----D---- C:\Windows\System32
2012-11-27 19:37:51 ----SHD---- C:\Windows\Installer
2012-11-27 19:37:28 ----D---- C:\Windows
2012-11-27 19:37:13 ----RD---- C:\Program Files
2012-11-27 19:37:13 ----HD---- C:\ProgramData
2012-11-27 19:37:05 ----SHD---- C:\System Volume Information
2012-11-27 19:33:17 ----D---- C:\Program Files (x86)\Common Files\Akamai
2012-11-27 19:32:14 ----D---- C:\ProgramData\AVG2012
2012-11-27 19:31:33 ----D---- C:\ProgramData\MFAData
2012-11-27 19:30:44 ----D---- C:\Windows\SysWOW64\drivers
2012-11-26 19:03:28 ----D---- C:\Program Files (x86)
2012-11-25 22:41:23 ----D---- C:\Windows\inf
2012-11-25 15:14:11 ----D---- C:\Users\Kubelle\AppData\Roaming\Audacity
2012-11-25 11:16:35 ----D---- C:\Users\Kubelle\AppData\Roaming\ICQ
2012-11-25 11:07:58 ----D---- C:\Program Files (x86)\Steam
2012-11-23 20:17:47 ----D---- C:\Games
2012-11-21 06:28:19 ----D---- C:\Windows\Tasks
2012-11-19 08:26:38 ----D---- C:\Users\Kubelle\AppData\Roaming\Adobe
2012-11-19 08:24:40 ----D---- C:\ProgramData\Adobe
2012-11-18 20:51:54 ----D---- C:\ProgramData\PMB Files
2012-11-18 20:51:49 ----D---- C:\Users\Kubelle\AppData\Roaming\Skype
2012-11-17 19:12:54 ----D---- C:\Program Files (x86)\QuickTime
2012-11-15 22:42:14 ----RSD---- C:\Windows\assembly
2012-11-15 22:42:14 ----D---- C:\Windows\Microsoft.NET
2012-11-15 18:09:41 ----D---- C:\Windows\winsxs
2012-11-15 18:06:02 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-11-15 18:05:58 ----D---- C:\Windows\SysWOW64\migration
2012-11-15 18:05:52 ----RSD---- C:\Windows\Fonts
2012-11-14 10:49:21 ----D---- C:\ProgramData\Microsoft Help
2012-11-10 21:59:22 ----SD---- C:\Users\Kubelle\AppData\Roaming\Microsoft
2012-11-01 08:33:51 ----D---- C:\Windows\Prefetch
2012-10-30 21:14:07 ----D---- C:\Users\Kubelle\AppData\Roaming\hpqLog
2012-10-29 08:42:53 ----D---- C:\Users\Kubelle\AppData\Roaming\FileDoumi
2012-10-29 07:34:31 ----D---- C:\Windows\rescache
2012-10-28 07:00:15 ----D---- C:\Program Files (x86)\Common Files\Steam

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 DVMIO;DeviceVM IO Service; C:\Windows\system32\DRIVERS\dvmio.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys []
S1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2004-07-16 14165]
S3 1394hub;1394 Enabled Hub; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ASAPIW2k;ASAPIW2K; C:\Windows\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCSoft\Lineage II\system\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-02 4682]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe [2009-03-03 89600]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-01-28 920352]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-30 444680]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-03-05 338168]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\System32\ezSharedSvcHost.exe [2010-01-25 514232]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2010-11-19 194512]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe [2010-02-01 244736]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-01-05 1791280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 136176]
S3 InterBaseGuardian;InterBase Guardian; C:\Program Files (x86)\InterBase\bin\ibguard.exe [2000-06-23 22016]
S3 InterBaseServer;InterBase Server; C:\Program Files (x86)\InterBase\bin\ibserver.exe [2000-06-23 1702400]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2011-03-28 4323256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-10-27 529744]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Přehřívání PC

#12 Příspěvek od vyosek »

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#13 Příspěvek od Kubelle »

Prvni log:

OTL Extras logfile created on: 27.11.2012 20:01:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kubelle\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,48% Memory free
7,49 Gb Paging File | 5,15 Gb Available in Paging File | 68,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,59 Gb Total Space | 58,31 Gb Free Space | 13,12% Space Free | Partition Type: NTFS
Drive D: | 20,88 Gb Total Space | 3,04 Gb Free Space | 14,56% Space Free | Partition Type: NTFS
Drive E: | 99,02 Mb Total Space | 92,75 Mb Free Space | 93,66% Space Free | Partition Type: FAT32
Drive F: | 7,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: KUBELLE-PC | User Name: Kubelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02D1D65B-531C-42B1-811C-21830C807798}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{0EB53976-0262-4414-915E-3E6893A2FD92}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{173455E7-38EF-4C65-83B7-E64C78057125}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1AF9B1F6-7E1B-4887-A071-EF2F9574B76D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{20559ABC-F2A2-49ED-89E8-33638D9BCCCA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46AC7DE1-F2E9-45C2-8624-CBDB814F284B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4B5C976C-6091-4597-A8BC-2BA193B5D153}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6844ABF8-D2B1-441D-8894-6DF4F8CE37B7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8ADB23C2-CD2A-4F80-A499-DA8E871311AB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{924308B5-0D9E-4CB6-B703-604D871C967F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C416D4DF-9EAD-4B0F-B48B-BF3442F6EF10}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CBDEA385-0445-4573-BFCC-72B692E42C01}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F0256FBC-E10A-4533-8257-B3FFD2F46425}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006A8A13-B50F-4EFD-817B-3AD350A1C0E9}" = protocol=6 | dir=in | app=c:\games\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{00F9CF2C-BC0E-413C-B21B-BB234F0C256F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{03D4AF07-397D-4510-B66D-B98BD026EE8D}" = protocol=6 | dir=in | app=c:\games\alaplaya\loco\system\loco.exe |
"{04460244-2DA9-42A7-AD02-2E91E1851428}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{05B0DFC9-4DF5-40D9-9755-D2BAF8F3ACF4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{05FD5C38-0A75-4F45-9ACC-C221526F0899}" = protocol=17 | dir=in | app=c:\games\atari\act of war - direct action\actofwar.exe |
"{0711438C-687B-4214-A634-01A64E0C63F4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{091A4D18-5FA7-4BE6-8A29-15B9BD2F486F}" = protocol=17 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe |
"{094D3167-155F-48D3-9957-5D8DA947BA7E}" = protocol=17 | dir=in | app=c:\games\cyanide\blood bowl\bb.exe |
"{0BC8FAD2-6F84-45A0-A5F1-4D45F450162F}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0D7C93C5-64D0-4578-B97C-6DD31AA2B3E7}" = protocol=6 | dir=in | app=c:\games\cs 1,6\hl.exe |
"{13AE2865-ACA7-4B6F-A777-4E1D60E96FF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{14077BD0-F05D-4A93-AC5B-B800882E6585}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online skirmish trailer\smp.exe |
"{17150D26-7776-4DE4-8DA7-AAE595578CC5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{1771DECD-6CF4-4468-9356-BA755FE1B969}" = protocol=6 | dir=in | app=c:\games\league of legends\league of legends\lol.launcher.exe |
"{17999428-4FBA-45FF-8345-8E4380F221E8}" = protocol=17 | dir=in | app=c:\users\kubelle\appdata\local\temp\electronicarts_patcher_000.exe |
"{19F36BB6-1929-46D1-9D8C-6E1E9CA0553C}" = protocol=6 | dir=in | app=c:\users\kubelle\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{1B3925AC-B9EE-431E-9BE0-480E7046E129}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{1D4B3BEC-BD9E-4FB2-A4AC-0E8AB5098278}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{1DC334AB-B378-4D3C-A5C3-905D5E421482}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{1E630AE6-ACB2-4A01-B224-A50DC4C981D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online skirmish trailer\smp.exe |
"{1F2AAA8F-C634-44FF-B249-E8A87D46CB82}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{21458515-0196-4A06-8FB2-D79501E70288}" = protocol=17 | dir=in | app=c:\games\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{249A23C4-EDD8-4612-AB3F-EF751A419F88}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2619F9F3-842A-4BF8-916B-75C4D452D4A1}" = protocol=6 | dir=in | app=c:\games\diablo 3\diablo-iii-8370-engb-installer\diablo iii setup.exe |
"{299F0906-9C84-42CC-A698-87C6F2C0AA45}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat |
"{29E2874C-9AE2-4E1B-9AA4-EA9578390ED3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{2B016B5E-8D23-48D0-BFC5-8D555C8D5B41}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"{2D274635-A4EF-48F6-8FBE-F83FED3F3E99}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{2D77E564-8F1D-49B1-B773-CF34754FA852}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{2E052BFC-3055-43D2-BC5B-5D435071FB88}" = protocol=6 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe |
"{2ED47B8C-8580-47B2-BD37-75187213A457}" = protocol=6 | dir=in | app=c:\users\kubelle\appdata\local\google\chrome\application\chrome.exe |
"{38FC3697-E260-4E86-8EC8-CBF0C7BAA3C9}" = protocol=17 | dir=in | app=c:\users\kubelle\appdata\local\google\chrome\application\chrome.exe |
"{3B68E32E-57A1-4520-AEE3-3DA95B691C3A}" = protocol=17 | dir=in | app=c:\games\diablo 3\diablo-iii-8370-engb-installer\diablo iii setup.exe |
"{3EEA564B-189D-4506-9040-0F57278A11A2}" = protocol=6 | dir=in | app=c:\games\diablo iii\diablo iii.exe |
"{3F63ADEC-DB20-4030-8A7D-44541BD9992D}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{410F7144-7589-43E6-9C8E-436C1E0D997A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{420027B1-D2ED-4FD2-989A-B07AADA85DEF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{43B62515-9ABA-432B-A02E-CDB132FEEBC3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online skirmish trailer\smp.exe |
"{4A4567B4-1E47-4B23-A4C8-1D02E7D7D0FD}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{4B6C76C9-A458-4BFC-A792-695A971DAB84}" = protocol=17 | dir=in | app=c:\games\alaplaya\loco\system\loco.exe |
"{51099CC0-E9C0-4C7B-961D-B036A7663293}" = protocol=6 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"{56DBB15C-41C3-4DAB-ADFC-601B3EE10BF3}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5805EF36-11E3-4211-AA69-714720CC5B29}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{596D1C92-37E2-4D58-8CBE-B18A7369695C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{59B0FC90-CA79-4F49-8A5B-EFD60E0F0008}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5A64E340-F0D1-40E7-B972-AD4157747763}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6045731B-D971-4169-A28F-F9B0A96E28CE}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"{61F9AC0A-2250-4172-AD74-1FE236B051C1}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\itv\qpservice.exe |
"{68378BC6-46F2-4488-8A91-375159B07E93}" = protocol=6 | dir=in | app=c:\games\cyanide\blood bowl\bb.exe |
"{6871B29F-EA12-4CFB-814D-DBF11441BF8A}" = protocol=17 | dir=in | app=c:\users\kubelle\appdata\local\akamai\netsession_win.exe |
"{6A4DBA1B-3DA5-406C-A4C8-C35B29A3EAA8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\itv\qp.exe |
"{6BABDA65-E1F8-4CE5-9EE3-DF3FD5AAE4E7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6CD369FF-149B-4DBE-BC0F-D1F4B1F61F08}" = protocol=6 | dir=in | app=c:\games\atari\act of war - direct action\actofwar.exe |
"{6D943E4F-78D1-42AA-AEA6-6CD90BA311DF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6F655802-974F-4987-BC16-6A4EA858AC95}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{7B9820E1-E237-49EA-A670-238B1B3934EC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{7BB3C10C-BF26-424A-8C01-3F880904257B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{7C2CAC9B-3375-483A-965D-1BCCBEE14B57}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{7FCF92F7-BA17-4C96-AD10-C431CAE09110}" = protocol=17 | dir=in | app=c:\users\kubelle\desktop\diablo-iii-setup-engb.exe |
"{836A81A7-BF53-4BEC-A448-32B54A7E5187}" = protocol=17 | dir=in | app=c:\games\cyanide\blood bowl\autorun\exe\autorun.exe |
"{843310A3-3775-4015-BD35-307F368A3C54}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{86350067-6932-43DE-B6F8-54AE6D43C956}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{87494E29-6AA3-454B-BAA4-705F9FD7A08A}" = protocol=17 | dir=in | app=c:\users\kubelle\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{8C59A041-A470-45E1-9637-D83A45E6E6D2}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat |
"{8C5E02E9-5813-426C-8C92-946410E1ED92}" = protocol=17 | dir=in | app=c:\games\diablo iii\diablo iii.exe |
"{8CB8A792-FF40-41F1-ACC2-FED1F9055D00}" = protocol=6 | dir=in | app=c:\games\ubisoft\shaun white snowboarding\shaunwhitesnowboarding.exe |
"{8E10BC74-87A3-4789-A4A4-D5F2C7022AB0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{9137F4F6-199B-4444-8BD7-7C7125EB2012}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{958AFD8C-CB6F-485F-8039-6B13A9A79CCA}" = protocol=6 | dir=in | app=c:\games\ubisoft\shaun white snowboarding\shaunwhitesnowboardinggame.exe |
"{97279F0E-618B-4FF2-B47C-689FE433A0F0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{98A2FE87-A92B-4511-8276-C380DCC7787A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9ADDBD76-24BE-47FA-85B0-96837EB4DB2B}" = protocol=6 | dir=in | app=c:\games\cyanide\blood bowl\autorun\exe\autorun.exe |
"{9C09FEDA-22C7-4FFF-B738-2CF6F8978526}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{9D7BA011-0B71-42C4-91E4-1E049B31D5C5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{9E54F98C-F75F-4F1F-B5EB-CE1B06F4F8A3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{A01374D5-E312-480F-8A76-D31887830077}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\itv\hpitv.exe |
"{A3B6E816-FB98-49CF-B588-6E5FB772F1E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A53ADAF9-5D05-40EB-972D-8C0CF74D11BB}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{A9E43197-04FE-42EB-9390-59C84060F016}" = protocol=6 | dir=in | app=c:\users\kubelle\appdata\local\temp\electronicarts_patcher_000.exe |
"{AA962057-AA57-48E6-9405-033B1470B3CA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{ABA18CA6-5955-47A1-AEFB-9B0D9CC439F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online skirmish trailer\smp.exe |
"{B0192964-625B-4B4D-A6AC-0AFCF7194843}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{B3519535-B061-4A57-81DD-C3AD29C56D39}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{B3F0072F-5995-4003-B0B7-4504CAF8EB2C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{B99BD1B4-EFD4-46B3-A12D-0923DAA02131}" = protocol=17 | dir=in | app=c:\games\ubisoft\shaun white snowboarding\shaunwhitesnowboarding.exe |
"{BDEACA4F-37A3-4463-8C6F-2AAB01B340BF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BF269963-B4B6-4CF5-8DD9-984B1A067A54}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C11AED41-1F15-483F-A38C-73B02ADC9743}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.0\cnc3ep1.dat |
"{C3171941-8E9A-4D0E-B2F4-AAEEEA2E7B2C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C4509D06-5C64-4FCA-9AB5-AFC303072A32}" = protocol=17 | dir=in | app=c:\games\cs 1,6\hl.exe |
"{C465BED9-FFBE-40D6-81E0-F9FBED7308F5}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{CA26E36E-1696-4DFB-8C57-E51CB6CBDCFD}" = protocol=6 | dir=in | app=c:\users\kubelle\appdata\local\akamai\netsession_win.exe |
"{CC6D193B-B906-4385-B4F8-0D146C55B3CE}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{CC7BE66E-E22D-4983-AB5E-1CAC84A035C7}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{CD8761D4-492F-460C-8838-A9B0E178DF4E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{D2759416-0430-4332-96FB-D1BF49DCF087}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5055D3F-E02E-4F5E-B76D-96DAA0BC526C}" = protocol=17 | dir=in | app=c:\games\ubisoft\shaun white snowboarding\shaunwhitesnowboardinggame.exe |
"{D5482ECB-7CEE-48B9-9BA1-1B5280109287}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{D6D63875-DB97-4E9C-8B57-749B17B21168}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{D7098E7E-A1B1-4DAF-BEA8-DD9A7BC3754E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7F20D8C-F0E7-426A-9B70-99E77DA0E2ED}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{DB86D827-70D6-482E-8EF6-94B7945FF739}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat |
"{DBA8769B-1514-44A0-AD0E-96061097FD5E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{DC72A9AC-A0A7-4C56-A39F-823372CFDDB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DEBF4A40-67ED-4AD7-8244-510D7CDE8A05}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{E0DAF95A-4216-4D01-8C38-9D138C44F429}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{E2A6AB49-28CD-44BA-963C-A0D8AB1E580D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E2DED7D1-1BEB-4279-A927-1A876771523F}" = protocol=17 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"{E59E8C46-9C95-4B14-ABBB-6A14E2511456}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{E8AF7FD9-128E-4589-B129-036367B3DC49}" = protocol=6 | dir=in | app=c:\users\kubelle\desktop\diablo-iii-setup-engb.exe |
"{E95D3E61-38F8-4C3A-8CC8-BF6291CBC856}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{EAB6567B-173B-4C12-8995-6D740ABCE523}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EBD41BBD-091A-47E4-A865-E298CE6CDAF7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F3E0934E-0F16-4B59-B6D3-D464A207F8D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F4D1AFD6-DE36-4CF9-BE42-41BA154B95F5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{FB067DE7-F2BE-4C99-AE03-D598129CF9F7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{FD30D3B0-DFDF-423C-A9C1-28ECE24A5671}" = protocol=17 | dir=in | app=c:\games\league of legends\league of legends\lol.launcher.exe |
"TCP Query User{0486B170-4471-4150-A9ED-433C8155DE3A}C:\users\kubelle\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=6 | dir=in | app=c:\users\kubelle\appdata\local\temp\electronicarts_patcher_000.exe |
"TCP Query User{1B0413CB-DB67-416D-917F-16208B84B050}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{25DC94D2-AFEA-4DD7-B63C-CFB6EDD4EFA6}C:\games\valve\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\games\valve\left 4 dead\left4dead.exe |
"TCP Query User{311AB993-7907-4B62-AA62-28C811F16D37}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"TCP Query User{320EF493-9AD9-468B-BE78-60F04CEB72CD}C:\users\kubelle\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\kubelle\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{383B4713-19D2-4C6A-96FA-90A0346A7DFD}C:\program files (x86)\ncsoft\lineage ii\system\l2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\ncsoft\lineage ii\system\l2.bin |
"TCP Query User{3D23E445-7B97-4833-9DC6-D4D376D4815C}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{4C9C9601-AA8A-4B00-979D-F8CCE5CBEE2F}C:\program files (x86)\interbase\bin\ibserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\interbase\bin\ibserver.exe |
"TCP Query User{517348FF-B681-4377-AACD-60FD49EE4CA2}C:\games\alaplaya\loco\system\loco.exe" = protocol=6 | dir=in | app=c:\games\alaplaya\loco\system\loco.exe |
"TCP Query User{564BED45-95B0-4F26-945C-5B986991E6F6}C:\program files (x86)\ncsoft\lineage ii\system\l2.bin" = protocol=6 | dir=in | app=c:\program files (x86)\ncsoft\lineage ii\system\l2.bin |
"TCP Query User{73BA7DFD-05AE-40D3-9C7A-BCEF45E1F8F4}C:\program files (x86)\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe |
"TCP Query User{7DA75540-4241-4F33-A741-5DE6C74C83BD}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{8CB094B8-31EE-4060-A0BE-B76457815650}C:\users\kubelle\desktop\eligium_v0_92_10_13_en.exe" = protocol=6 | dir=in | app=c:\users\kubelle\desktop\eligium_v0_92_10_13_en.exe |
"TCP Query User{95F29B28-B186-4617-B27D-744C53866CD9}C:\games\joint task force\jtf.exe" = protocol=6 | dir=in | app=c:\games\joint task force\jtf.exe |
"TCP Query User{A462BEBF-F068-4263-A5FE-37BC75F89E23}C:\users\kubelle\desktop\diablo-iii-setup-engb.exe" = protocol=6 | dir=in | app=c:\users\kubelle\desktop\diablo-iii-setup-engb.exe |
"TCP Query User{A48522D4-2B1B-4A13-8097-F140C5A961B9}C:\games\boiling point\xenus.exe" = protocol=6 | dir=in | app=c:\games\boiling point\xenus.exe |
"TCP Query User{AC7DE0D1-3361-47A6-AC6E-519FF3183C2F}C:\program files (x86)\bitspirit\bitspirit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitspirit\bitspirit.exe |
"TCP Query User{B46B354C-2DE8-47FC-B13D-213EA4A700CE}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"TCP Query User{BC9424D6-2434-402E-9EC3-CB64E2882928}C:\games\atari\act of war - direct action\actofwar.exe" = protocol=6 | dir=in | app=c:\games\atari\act of war - direct action\actofwar.exe |
"TCP Query User{CBCE20FB-7510-4F8C-A60F-14A64DA862A9}C:\users\kubelle\desktop\championsonlinef2p.exe" = protocol=6 | dir=in | app=c:\users\kubelle\desktop\championsonlinef2p.exe |
"TCP Query User{D14F806A-E62B-4FBC-9D38-26FA898A7163}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{D457E575-A8C8-4849-A1CC-56F5FD023D7F}C:\games\cyanide\blood bowl\bb.exe" = protocol=6 | dir=in | app=c:\games\cyanide\blood bowl\bb.exe |
"TCP Query User{D4E3ED12-7C56-4C91-A649-B21FB2A538DF}C:\games\cryptic studios\champions online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\games\cryptic studios\champions online\live\gameclient.exe |
"TCP Query User{DF383EC0-78C4-45FF-8AF7-B66C21D018B3}C:\users\kubelle\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kubelle\appdata\local\akamai\netsession_win.exe |
"TCP Query User{E724AC96-2050-49E2-862C-FE7E24FAFF1E}C:\games\cs 1,6\hl.exe" = protocol=6 | dir=in | app=c:\games\cs 1,6\hl.exe |
"TCP Query User{E7953824-B26D-408A-8011-698CC773F2A4}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat |
"TCP Query User{F59F8BCC-3533-45AA-8D68-3FB0A394F09B}C:\games\diablo 2\diablo 2 with lord of destruction (v1.13c) (direct play)\diablo ii lord of destruction (v1.13c)\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\games\diablo 2\diablo 2 with lord of destruction (v1.13c) (direct play)\diablo ii lord of destruction (v1.13c)\diablo ii\game.exe |
"UDP Query User{07BF9E23-CEC1-4E99-8965-F8C8BF2A0562}C:\games\boiling point\xenus.exe" = protocol=17 | dir=in | app=c:\games\boiling point\xenus.exe |
"UDP Query User{0D09502C-383C-4AB3-BBB3-3952F58D8B5B}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"UDP Query User{10198FC2-3D65-4627-97BA-B1CDC92720BD}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat |
"UDP Query User{248F4AD1-5AE8-45AB-BD43-FBE29A01928A}C:\games\alaplaya\loco\system\loco.exe" = protocol=17 | dir=in | app=c:\games\alaplaya\loco\system\loco.exe |
"UDP Query User{33B378B2-EF70-4475-8FED-5E08B2596B55}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{3616D9E6-FDC0-4D9C-97A6-80B841C0D74D}C:\users\kubelle\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kubelle\appdata\local\akamai\netsession_win.exe |
"UDP Query User{4D0F0A70-96E8-4CE1-8F77-57BA6FA64266}C:\users\kubelle\desktop\championsonlinef2p.exe" = protocol=17 | dir=in | app=c:\users\kubelle\desktop\championsonlinef2p.exe |
"UDP Query User{620D5C2E-D55C-4BAA-B5CC-B1D859C5F569}C:\users\kubelle\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=17 | dir=in | app=c:\users\kubelle\appdata\local\temp\electronicarts_patcher_000.exe |
"UDP Query User{6A7300B9-604B-4FAB-8756-3EF06FC642BD}C:\program files (x86)\ncsoft\lineage ii\system\l2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\ncsoft\lineage ii\system\l2.bin |
"UDP Query User{822E2899-B05A-4CE4-9229-9B287D5C80DB}C:\program files (x86)\interbase\bin\ibserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\interbase\bin\ibserver.exe |
"UDP Query User{8442436F-76F4-4F6C-A505-7EC3D3C5C3AA}C:\games\cs 1,6\hl.exe" = protocol=17 | dir=in | app=c:\games\cs 1,6\hl.exe |
"UDP Query User{85B516FB-336A-461B-9B58-9D660C751358}C:\program files (x86)\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\totalcmd\totalcmd.exe |
"UDP Query User{863C686A-6C92-4395-A016-5D72E50AC263}C:\program files (x86)\ncsoft\lineage ii\system\l2.bin" = protocol=17 | dir=in | app=c:\program files (x86)\ncsoft\lineage ii\system\l2.bin |
"UDP Query User{8F09C99F-E81B-4D49-B16B-C3A0C5DD86E7}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{A931B9FE-87C1-46EC-B9D3-446D0DF48655}C:\users\kubelle\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\kubelle\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{C18ECC85-FEF8-44CE-BF7B-50D5EEEF4548}C:\users\kubelle\desktop\diablo-iii-setup-engb.exe" = protocol=17 | dir=in | app=c:\users\kubelle\desktop\diablo-iii-setup-engb.exe |
"UDP Query User{C1AD10FF-9B04-4D74-A263-DDEC641D946E}C:\games\cyanide\blood bowl\bb.exe" = protocol=17 | dir=in | app=c:\games\cyanide\blood bowl\bb.exe |
"UDP Query User{C4E4F0A2-F957-4EFE-96DC-A3ABC98C4647}C:\games\valve\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\games\valve\left 4 dead\left4dead.exe |
"UDP Query User{CDA004C8-100D-4EC6-9B29-159807433A54}C:\games\atari\act of war - direct action\actofwar.exe" = protocol=17 | dir=in | app=c:\games\atari\act of war - direct action\actofwar.exe |
"UDP Query User{D6F2F8A8-2F5C-4236-9B4D-F64150E9EC40}C:\games\cryptic studios\champions online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\games\cryptic studios\champions online\live\gameclient.exe |
"UDP Query User{D7B207EB-F05F-4F7B-91B6-B8FC62D8059A}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"UDP Query User{DCDD47BB-EE1A-4B1D-8E61-9172C5CCF4CF}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{E4BC4FC9-7143-4484-8A8D-46325BD466AC}C:\program files (x86)\bitspirit\bitspirit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitspirit\bitspirit.exe |
"UDP Query User{E7260698-39C0-4526-A525-0B01F8776E11}C:\games\joint task force\jtf.exe" = protocol=17 | dir=in | app=c:\games\joint task force\jtf.exe |
"UDP Query User{EAAA230C-B54B-412E-A06D-B23CCD9FCC4B}C:\users\kubelle\desktop\eligium_v0_92_10_13_en.exe" = protocol=17 | dir=in | app=c:\users\kubelle\desktop\eligium_v0_92_10_13_en.exe |
"UDP Query User{EE0C3FFA-EE36-4AE9-B3E2-0903125A8377}C:\games\diablo 2\diablo 2 with lord of destruction (v1.13c) (direct play)\diablo ii lord of destruction (v1.13c)\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\games\diablo 2\diablo 2 with lord of destruction (v1.13c) (direct play)\diablo ii lord of destruction (v1.13c)\diablo ii\game.exe |
"UDP Query User{FB57592F-DF4B-41A7-85AF-006C42952D59}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10F539B1-31AF-43BF-9F0C-0EB66E918922}" = HP Quick Launch
"{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}" = ATI Catalyst Install Manager
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{33DBA3CA-4E9D-4087-9911-359E45263D92}" = HP 3D DriveGuard
"{3587A2A6-C206-46CE-B050-D9024F22BCC8}" = HP Wireless Assistant
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9207D4A1-586E-49CA-A002-FC9F475AB1A3}" = HP Tone Control
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B73AE644-9B30-4BCE-8965-C0CA121A25C7}" = Základní software zařízení HP Deskjet 1050 J410 series
"{E2BDBC42-A7F5-BE3C-CAE7-672461BADFBB}" = ccc-utility64
"{EE5017A6-7525-4EE9-99DA-2EF1F6C16B1B}" = Validity Sensors DDK
"{F20DF0CA-5929-4C26-A501-FDB19FDF0A50}" = HP SimplePass Identity Protection
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003" = Balíček ovladače systému Windows - Broadcom HIDClass (09/11/2009 6.3.0.1500)
"5BB2352543C023211B5CDA6229832626C218EB7F" = Balíček ovladače systému Windows - Broadcom Corporation (BTHUSB) Bluetooth (01/28/2010 6.3.0.3800)
"79B5284AC8847651E6939E5B2FB1A473E6C9D19B" = Balíček ovladače systému Windows - Broadcom Corporation (BTHUSB) Bluetooth (01/20/2010 6.3.0.3500)
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Movie Maker" = Windows Movie Maker

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{06C75F9A-97AD-5248-E32E-DF614E74CB30}" = CCC Help English
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{07EF3970-F8E5-4A27-A5A3-230484D35026}" = Microsoft Expression Encoder 4
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D605B4-DCD1-451F-ABD7-52E6BB868E4E}" = Microsoft Expression Design 4
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1730D13B-7517-4321-A88B-64627CF67CDC}_is1" = Logon Screen
"{17AAFDC8-0126-8325-99C3-BA94ECC88719}" = CCC Help Chinese Standard
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C7D54A1-3EAF-1FA6-865A-5BD68563978F}" = Catalyst Control Center Graphics Previews Vista
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22166D2D-D82D-442F-BD80-08E820CC46A4}_is1" = Spielegeier.de Command & Conquer 3: Tiberium Wars - MapPack 4
"{223E2363-6643-49CB-A062-59A9858EE8EE}" = HP Software Framework
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2469F651-772F-53D7-66D6-EC065F786E38}" = CCC Help French
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2C13F8C1-570B-42A9-87B4-8C7903ECD602}" = ObjectDock Free
"{2E228408-8C07-BF2B-E3BE-6FE3226D0557}" = Catalyst Control Center Graphics Full Existing
"{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}" = ShaunWhiteSnowboarding
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3418A50C-5B73-420F-A617-B680D778573C}" = CCC Help Greek
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CE8DBEF-2A88-F180-F62C-43AA930D6D47}" = CCC Help Korean
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{421BEFF3-5178-41F5-8F63-7E6F60B54DB5}" = HP User Guides 0193
"{43C189A4-D61F-F7C7-F4BC-C3FE800FF7BB}" = ccc-core-static
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{527B2D1F-0129-70C1-3D8E-D7C13994F3D8}" = Catalyst Control Center Graphics Previews Common
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{547ADD84-7D19-4EC0-B709-092F997ACA8C}_is1" = DaemonicMU Season V 1.20
"{5911C3EB-2E4F-80CC-4A1F-65DD5BFFEA0D}" = CCC Help German
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Nápověda
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4
"{60C7709B-2EC1-4E45-A53C-B51034847B06}_is1" = ABC Edice PC her - Alpine Skiing & Ski Jumping
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{639BDAFA-4A48-62A1-E2D9-13A84E9582FE}" = CCC Help Polish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B6A1FFD-AF4B-2348-1854-1BBDD6A4E852}" = CCC Help Chinese Traditional
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{705893E4-960A-E551-4825-B63B7BE8959A}" = CCC Help Czech
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766BF6D1-A746-9B26-EC0B-E76DF6D5DE07}" = CCC Help Norwegian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{783C5B03-DF9C-30B0-BC32-066150B77F19}" = CCC Help Japanese
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83853D8B-E9F1-1E35-2F1B-4210D2875A8C}" = CCC Help Spanish
"{845E9545-2A7F-FFCB-D2FA-A292B0137325}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BD0D298-58A6-4933-B154-5922518E66A0}_is1" = Spielegeier.de Command & Conquer 3: Tiberium Wars - MapPack 3
"{8C6E13F3-44FB-A8A6-D9F5-2AF030A47F2C}" = CCC Help Portuguese
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{996FF46F-797F-AFE4-2932-3F391B5BB4A5}" = CCC Help Thai
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{9F39E542-91FD-4E7B-B87B-C690090D39D6}_is1" = Left 4 Dead
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA11D798-A4C3-F2BF-E9C8-584D1AA7C891}" = Catalyst Control Center Graphics Full New
"{AB14AFDF-990F-C0FD-DDDF-6113BD111593}" = Catalyst Control Center Localization All
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AEBFE622-2807-E0D5-E7E2-0D5AA4977B48}" = CCC Help Danish
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1" = xrecode II 1.0.0.160
"{B34FE99A-48DD-3564-761E-6BB78FBE5DB9}" = Catalyst Control Center InstallProxy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BBA471C0-5EF2-11D4-0091-A500A0245DC0}" = NHL 2001
"{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{BFC1210F-19B0-A7F0-B027-82AD610DA5B7}" = CCC Help Italian
"{C1F34A15-73C8-4E2C-B7DF-E58F1D5A5872}_is1" = Spielegeier.de Command & Conquer 3: Tiberium Wars - MapPack 2
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kane's Wrath
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D2D49B64-FBC1-15EE-5734-97BB457F197E}" = Catalyst Control Center Core Implementation
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D5EA734C-2DEC-76F6-9D98-97D57A6F61CE}" = CCC Help Swedish
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DB6A09A0-34B0-BFE5-7026-C91829ED879D}" = CCC Help Turkish
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E1600759-7AB3-A146-5ED4-4A50E743D3D3}" = CCC Help Russian
"{E22B38FA-7A08-3CEE-EB31-970C4CF2AA54}" = CCC Help Dutch
"{E2831862-F131-4327-B9CC-FA30F587EB6C}" = HP Setup
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3620D5D-B046-41F0-AB8D-3C56A36AFD60}" = Catalyst Control Center - Branding
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F55BB217-BB0F-4A7A-A499-8A0C34D842E2}" = Catalyst Control Center Graphics Light
"{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}" = Microsoft Expression Web 4 Service Pack 2
"{F6B6A150-08FA-46D5-808A-EB638269551D}" = HP Power Plan Utility
"{FA4BF139-4D09-462E-B4AF-E89C640224C0}" = Quake Live Internet Explorer Plugin
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE39FB6F-05FB-4B09-4DE7-6E2BEC08427D}" = CCC Help Finnish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"4StoryCZ_is1" = 4Story 3.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"Any Video Converter_is1" = Any Video Converter 3.0.7
"AppIs(ľŰŔĚÁî)_is1" = AppIs(ľŰŔĚÁî)
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"avast" = avast! Free Antivirus
"Battle for Wesnoth 1.10.2" = Battle for Wesnoth 1.10.2
"Battle.net" = Battle.net
"BitLord" = BitLord 2.1
"BSPlayerf" = BS.Player FREE
"CamStudio" = CamStudio
"Cybots" = Cybots
"Debut" = Debut Video Capture Software
"Denik" = Tréninkový deník
"Design_7.0.20516.0" = Microsoft Expression Design 4
"Diablo" = Diablo
"DivX Setup" = DivX Setup
"DVDStyler_is1" = DVDStyler v2.0
"EasyBits Magic Desktop" = Magic Desktop
"Encoder_4.0.1639.0" = Microsoft Expression Encoder 4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileDoumi" = FileDoumi
"FL Studio 10" = FL Studio 10
"FL Studio 9" = FL Studio 9
"Fraps" = Fraps (remove only)
"Free Screen Recorder_is1" = Free Screen Recorder v2.9
"Hanso Tagger" = Hanso Tagger
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"IL Download Manager" = IL Download Manager
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.2.0
"Kubik SMS DreamCom_is1" = Kubik SMS DreamCom 5.88
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Myst Masterpiece Edition_is1" = Myst Masterpiece Edition
"Native Instruments FM8" = Native Instruments FM8
"Numen: Contest of Heroes CZ_is1" = Numen: Contest of Heroes v1.13 (s BONUSEM)
"ObjectDock Free" = ObjectDock Free
"OpenAL" = OpenAL
"Opentab" = OpentabUninstall
"PoiZone" = PoiZone
"Polda II_is1" = Polda II
"Polda V_is1" = Polda V
"Powerdrome" = Powerdrome
"Reason4Demo_is1" = Reason Demo 4.0
"Saw/CZ-Czech_is1" = Saw
"Sawer" = Sawer
"The KMPlayer" = The KMPlayer (remove only)
"ToolBox" = NCH Toolbox
"TopSpace" = Topspace Windows IE Platform
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VMidi" = vanBasco's Karaoke Player
"vReveal" = vReveal
"Web_4.0.1303.0" = Microsoft Expression Web 4
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft ScreenHunter 4.0 Free" = Wisdom-soft ScreenHunter 4.0 Free
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082439" = Bus Driver
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082463" = Zuma's Revenge
"WT083484" = Escape Rosecliff Island
"WT083492" = Agatha Christie - Death on the Nile
"ZhyperMU Season 6 Ultimate 6.00" = ZhyperMU Season 6 Ultimate 6.00

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"QIP 2010" = QIP 2010 10.11.19.4440
"QipGuard" = QIP Internet Guardian
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.4.2012 2:19:43 | Computer Name = Kubelle-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 16.4.2012 3:57:05 | Computer Name = Kubelle-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 17.4.2012 1:07:07 | Computer Name = Kubelle-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 17.4.2012 2:07:44 | Computer Name = Kubelle-PC | Source = Application Hang | ID = 1002
Description = Program main.exe verze 1.3.11.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1038 Čas spuštění: 01cd1c605399d56b Čas ukončení: 7296 Cesta k aplikaci: C:\Games\DaemonicMU
Season IV\main.exe ID hlášení: 9e502c83-8853-11e1-8312-002713dd762f

Error - 17.4.2012 4:39:22 | Computer Name = Kubelle-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpasset.exe, verze: 3.0.0.7, časové razítko:
0x4f4667f7 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové razítko:
0x4ec49b8f Kód výjimky: 0xc0000374 Posun chyby: 0x000ce6c3 ID chybujícího procesu:
0x1b40 Čas spuštění chybující aplikace: 0x01cd1c759501d878 Cesta k chybující aplikaci:
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPAsset\hpasset.exe Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: d4445b33-8868-11e1-8312-002713dd762f

Error - 17.4.2012 4:39:54 | Computer Name = Kubelle-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpasset.exe, verze: 3.0.0.7, časové razítko:
0x4f4667f7 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové razítko:
0x4ec49b8f Kód výjimky: 0xc0000374 Posun chyby: 0x000ce6c3 ID chybujícího procesu:
0x1e90 Čas spuštění chybující aplikace: 0x01cd1c75a89c9885 Cesta k chybující aplikaci:
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPAsset\hpasset.exe Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: e6fddfb3-8868-11e1-8312-002713dd762f

Error - 18.4.2012 12:27:40 | Computer Name = Kubelle-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 19.4.2012 8:02:25 | Computer Name = Kubelle-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 21.4.2012 15:36:24 | Computer Name = Kubelle-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 21.4.2012 16:10:51 | Computer Name = Kubelle-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ Hewlett-Packard Events ]
Error - 26.9.2012 2:21:24 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: 60 TargetSite: Void UpdateAndDetect()

Error - 2.10.2012 15:47:07 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 9.10.2012 15:48:29 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: 60 TargetSite: Void UpdateAndDetect()

Error - 14.10.2012 16:01:12 | Computer Name = Kubelle-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 16.10.2012 15:32:15 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 23.10.2012 16:01:11 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: 60 TargetSite: Void UpdateAndDetect()

Error - 30.10.2012 16:13:58 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 7.11.2012 1:34:37 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 14.11.2012 1:35:09 | Computer Name = Kubelle-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
v HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

v HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
cs-CZ RAM: 3834 Ram Utilization: TargetSite: Void UpdateAndDetect()

Error - 15.11.2012 13:19:21 | Computer Name = Kubelle-PC | Source = HPSF.exe | ID = 4000
Description =

[ HP Wireless Assistant Events ]
Error - 19.9.2012 7:39:26 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 21.9.2012 16:00:57 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 22.9.2012 4:53:39 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 22.9.2012 15:13:11 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 23.9.2012 8:02:58 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 24.9.2012 2:07:47 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 24.9.2012 15:32:39 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 25.9.2012 4:03:40 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 26.9.2012 2:14:16 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

Error - 26.9.2012 10:07:34 | Computer Name = Kubelle-PC | Source = HP WA Service | ID = 0
Description = GetPanelBrightnessTables() failed : e_BIOS_INVALID_COMMAND_TYPE

[ Media Center Events ]
Error - 10.3.2012 16:37:41 | Computer Name = Kubelle-PC | Source = MCUpdate | ID = 0
Description = 21:37:41 - Chyba při připojování k Internetu 21:37:41 - Nelze kontaktovat
server..

Error - 10.3.2012 17:38:01 | Computer Name = Kubelle-PC | Source = MCUpdate | ID = 0
Description = 22:38:01 - Chyba při připojování k Internetu 22:38:01 - Nelze kontaktovat
server..

Error - 10.3.2012 18:38:20 | Computer Name = Kubelle-PC | Source = MCUpdate | ID = 0
Description = 23:38:20 - Chyba při připojování k Internetu 23:38:20 - Nelze kontaktovat
server..

Error - 19.3.2012 8:57:30 | Computer Name = Kubelle-PC | Source = MCUpdate | ID = 0
Description = 13:57:30 - Chyba při připojování k Internetu 13:57:30 - Nelze kontaktovat
server..

Error - 19.3.2012 8:58:25 | Computer Name = Kubelle-PC | Source = MCUpdate | ID = 0
Description = 13:58:19 - Chyba při připojování k Internetu 13:58:20 - Nelze kontaktovat
server..

Error - 28.4.2012 10:35:00 | Computer Name = Kubelle-PC | Source = MCUpdate | ID = 0
Description = 16:35:00 - Chyba při připojování k Internetu 16:35:00 - Nelze kontaktovat
server..

Error - 28.4.2012 10:35:13 | Computer Name = Kubelle-PC | Source = MCUpdate | ID = 0
Description = 16:35:05 - Chyba při připojování k Internetu 16:35:05 - Nelze kontaktovat
server..

[ System Events ]
Error - 27.11.2012 14:32:19 | Computer Name = Kubelle-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\ASAPIW2k.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 27.11.2012 14:32:19 | Computer Name = Kubelle-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\ASAPIW2k.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 27.11.2012 14:32:19 | Computer Name = Kubelle-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\ASAPIW2k.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 27.11.2012 14:32:19 | Computer Name = Kubelle-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\ASAPIW2k.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 27.11.2012 14:32:54 | Computer Name = Kubelle-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 27.11.2012 14:34:27 | Computer Name = Kubelle-PC | Source = Service Control Manager | ID = 7022
Description = Služba PandoraService přestala během spouštění reagovat.

Error - 27.11.2012 14:34:27 | Computer Name = Kubelle-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCLEPCI

Error - 27.11.2012 14:34:44 | Computer Name = Kubelle-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 27.11.2012 14:34:50 | Computer Name = Kubelle-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 27.11.2012 14:35:20 | Computer Name = Kubelle-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.


< End of report >
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#14 Příspěvek od Kubelle »

a druhý log (1/2):

OTL logfile created on: 27.11.2012 20:01:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kubelle\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,48% Memory free
7,49 Gb Paging File | 5,15 Gb Available in Paging File | 68,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,59 Gb Total Space | 58,31 Gb Free Space | 13,12% Space Free | Partition Type: NTFS
Drive D: | 20,88 Gb Total Space | 3,04 Gb Free Space | 14,56% Space Free | Partition Type: NTFS
Drive E: | 99,02 Mb Total Space | 92,75 Mb Free Space | 93,66% Space Free | Partition Type: FAT32
Drive F: | 7,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: KUBELLE-PC | User Name: Kubelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.11.27 19:54:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kubelle\Downloads\OTL.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.22 09:32:12 | 000,625,816 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.11.19 15:11:16 | 000,194,512 | ---- | M] (QIP.ru) -- C:\Program Files (x86)\QipGuard\QipGuard.exe
PRC - [2010.10.06 21:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.05 20:12:48 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010.01.28 17:04:38 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.01.25 11:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.01.25 11:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009.12.30 11:22:02 | 000,623,368 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012.11.15 20:14:35 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll
MOD - [2012.11.15 18:23:01 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
MOD - [2012.11.15 18:22:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012.11.15 18:22:14 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll
MOD - [2012.11.15 18:22:00 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
MOD - [2012.11.15 18:21:28 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.11.15 18:21:19 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.11.15 18:21:10 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
MOD - [2012.11.15 18:20:52 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.11.15 18:20:44 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3cdcb033f930eb60badfa4500d795edb\System.Xml.ni.dll
MOD - [2012.11.15 18:20:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.11.15 18:20:38 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.11.15 18:20:30 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.10.31 23:15:05 | 000,460,312 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll
MOD - [2012.10.31 23:15:04 | 012,455,448 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012.10.31 23:15:02 | 004,007,448 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012.10.31 23:13:47 | 000,587,288 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012.10.31 23:13:46 | 000,123,928 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012.10.31 23:13:35 | 000,156,712 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012.10.31 23:13:34 | 000,274,984 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012.10.31 23:13:32 | 002,168,360 | ---- | M] () -- C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll
MOD - [2012.05.22 10:37:39 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010.11.13 03:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.10.04 18:54:31 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll
MOD - [2010.10.04 18:54:29 | 000,807,936 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll
MOD - [2010.10.04 18:54:29 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
MOD - [2010.10.04 18:54:22 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll
MOD - [2010.02.09 17:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010.02.09 17:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010.02.09 17:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010.02.09 17:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010.02.09 17:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010.02.09 17:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010.02.09 17:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010.02.09 17:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.04.16 15:09:00 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.02.01 10:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010.01.28 17:04:38 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.01.27 13:01:04 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010.01.18 14:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2010.01.06 00:14:28 | 002,184,496 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009.12.30 11:22:12 | 000,444,680 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2012.11.19 21:48:16 | 002,462,128 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.11.12 22:52:07 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012.10.27 14:06:30 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.09 03:08:37 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.22 09:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.09.09 16:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.03.28 20:51:26 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.11.19 15:11:16 | 000,194,512 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files (x86)\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.05 20:12:48 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010.02.01 10:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe -- (STacSV)
SRV - [2010.01.05 23:53:54 | 001,791,280 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2000.06.23 06:00:00 | 001,702,400 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\InterBase\bin\ibserver.exe -- (InterBaseServer)
SRV - [2000.06.23 06:00:00 | 000,022,016 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\InterBase\bin\ibguard.exe -- (InterBaseGuardian)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.18 13:11:16 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.06.13 01:05:49 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.04.16 15:19:34 | 006,403,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.16 14:11:18 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.10 00:34:44 | 000,315,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.02.09 06:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.02.04 01:05:32 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.02.04 01:05:32 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.02.04 01:05:32 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.02.04 01:05:32 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.02.04 01:05:30 | 000,328,232 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.02.03 13:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.02.01 10:29:34 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.01.28 19:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.12.22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.11.28 02:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.11.11 12:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009.08.24 02:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:64bit: - [2009.07.08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009.07.08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 15:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2004.07.16 14:47:14 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2004.03.10 14:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\asapiW2k.sys -- (ASAPIW2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{8BB32FD6-67A5-478A-8796-51D0E6D3742F}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 2713DD762F}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32 File not found
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\SearchScopes,DefaultScope = {64F3918A-9060-428E-B8D4-F78A5FC45F06}
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\SearchScopes\{64F3918A-9060-428E-B8D4-F78A5FC45F06}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\SearchScopes\{8BB32FD6-67A5-478A-8796-51D0E6D3742F}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 2713DD762F}
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4248
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167
FF - prefs.js..browser.search.defaulturl: ""
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kubelle\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kubelle\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kubelle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010.06.13 01:40:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared [2010.12.17 11:21:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.29 23:31:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.27 19:37:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.17 19:12:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.17 19:12:55 | 000,000,000 | ---D | M]

[2010.12.17 11:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kubelle\AppData\Roaming\Mozilla\Extensions
[2012.11.26 19:03:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kubelle\AppData\Roaming\Mozilla\Firefox\Profiles\nz22jv6h.default\extensions
[2012.10.20 05:46:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.06 08:44:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.03.23 17:57:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.10.07 08:25:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.20 23:42:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012.10.20 05:46:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2010.07.23 01:28:35 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.07.23 01:28:35 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010.07.23 01:28:35 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.07.23 01:28:35 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.07.23 01:28:35 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kubelle\AppData\Local\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Kubelle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Audiotool = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\
CHR - Extension: LoL Stream Browser = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp\1.1.6.4_0\
CHR - Extension: avast! WebRep = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: ButtonBeats Guitar = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf\5_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Desktop = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafkcccccfmnjkhhndjfffifnflhkpdo\1.0_0\
CHR - Extension: Audiotool = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\
CHR - Extension: LoL Stream Browser = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp\1.1.6.4_0\
CHR - Extension: avast! WebRep = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: ButtonBeats Guitar = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf\5_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Desktop = C:\Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafkcccccfmnjkhhndjfffifnflhkpdo\1.0_0\

Hosts file not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (HP SimplePass Identity Protection Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O2 - BHO: (HP SimplePass Identity Protection Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AppIs Search Class) - {C1C92372-4705-4020-998B-D1E5E95716C3} - C:\Users\Kubelle\AppData\Local\AppIs\appis.dll ()
O2 - BHO: (TopSpaceHelper Class) - {C8625893-2C0F-4484-8C18-52B00D5A8BB9} - C:\Program Files (x86)\TopSpace\bin\TopSpaceHelper.dll ((C) T-Comms)
O2 - BHO: (żŔÇÂĹÇ) - {DA742A73-CFA7-4DE2-BF28-1FC51CF214BC} - C:\Users\Kubelle\AppData\Roaming\OpenTab\OpenTab.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O2 - BHO: (TBSB09850 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ChatZum Toolbar) - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files (x86)\ChatZum Toolbar\tbunss97AB.tmp\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\..\Toolbar\WebBrowser: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\Windows\SysWow64\PSDrvCheck.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000..\Run: [FDoumiStart] c:\users\kubelle\appdata\roaming\filedoumi\filedoumiupgrade.exe (NeoUX)
O4 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000..\Run: [Opentab] C:\Users\Kubelle\AppData\Roaming\Opentab\Opentab.exe File not found
O4 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000..\Run: [Opentabup] "c:\users\kubelle\appdata\roaming\opentab\opentabup.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\JK Agency\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = File not found
O4 - Startup: C:\Users\Kubelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1802304956-4192236121-2842701351-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ľŰŔĚÁî 11ąř°ˇ ąŮ·Î°ˇ±â - {68C04328-167E-446A-AC57-4A04DAD74BDC} - http://qlink-click.goodcomms.co.kr/clic ... _name=11st File not found
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ľŰŔĚÁî żÁĽÇ ąŮ·Î°ˇ±â - {A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB} - http://qlink-click.goodcomms.co.kr/clic ... cu_auction File not found
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ľŰŔĚÁî G¸¶ÄĎ ąŮ·Î°ˇ±â - {E5990159-7CB9-4E2C-A27E-4C23E2FA70E6} - http://qlink-click.goodcomms.co.kr/clic ... me=gmarket File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6F6253C-55BD-44CD-8E0A-EBA12B75ED57}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\centrumcztoolbar - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.07 04:33:36 | 000,000,000 | R--D | M] - F:\Autorun -- [ UDF ]
O32 - AutoRun File - [2007.02.25 05:23:24 | 000,000,047 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007.03.02 10:31:43 | 000,162,880 | R--- | M] () - F:\autorun.exe -- [ UDF ]
O33 - MountPoints2\{6d4a8b56-8ec8-11e0-ad08-002713dd762f}\Shell - "" = AutoRun
O33 - MountPoints2\{6d4a8b56-8ec8-11e0-ad08-002713dd762f}\Shell\AutoRun\command - "" = I:\RunGame.exe
O33 - MountPoints2\{73982a0f-ccae-11df-b5a6-002713dd762f}\Shell - "" = AutoRun
O33 - MountPoints2\{73982a0f-ccae-11df-b5a6-002713dd762f}\Shell\AutoRun\command - "" = H:\RunGame.exe
O33 - MountPoints2\{8c7d8fb8-02fa-11e1-ad82-002713dd762f}\Shell - "" = AutoRun
O33 - MountPoints2\{8c7d8fb8-02fa-11e1-ad82-002713dd762f}\Shell\AutoRun\command - "" = K:\RunGame.exe
O33 - MountPoints2\{b3daeb19-c185-11df-b81c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b3daeb19-c185-11df-b81c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2007.03.02 10:31:43 | 000,162,880 | R--- | M] ()
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1029" /KBD:3 /wow /dir:"C:\Program Files\AVAST Software\Avast")
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\vdrcodec.dll (Pinnacle Systems)
Drivers32: VIDC.MJPG - C:\Windows\SysWow64\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\Windows\SysWow64\pclepim1.dll (Pinnacle Systems)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.11.27 19:38:08 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.11.27 19:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.11.27 19:38:07 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.11.27 19:38:04 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.11.27 19:38:01 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.11.27 19:37:59 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.11.27 19:37:54 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.11.27 19:37:54 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.11.27 19:37:28 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.11.27 19:37:27 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.11.27 19:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.11.27 19:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.11.25 15:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012.11.25 15:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012.11.25 14:53:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012.11.25 14:53:08 | 000,000,000 | ---D | C] -- C:\rsit
[2012.11.22 19:57:20 | 000,000,000 | ---D | C] -- C:\AMD
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.11.27 20:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.27 20:04:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.11.27 19:43:05 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.27 19:43:01 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.27 19:42:34 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.27 19:42:34 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.27 19:38:08 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.27 19:37:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.11.27 19:32:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.27 19:32:15 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.27 19:18:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000UA.job
[2012.11.27 14:18:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000Core.job
[2012.11.26 18:49:50 | 000,480,125 | ---- | M] () -- C:\Users\Kubelle\Desktop\adwcleaner.exe
[2012.11.25 22:41:23 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.25 22:41:23 | 000,666,656 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.11.25 22:41:23 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.25 22:41:23 | 000,140,320 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.11.25 22:41:23 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.21 22:08:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKubelle.job
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.11.27 20:04:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.11.27 19:38:08 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.27 19:37:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.11.26 18:49:50 | 000,480,125 | ---- | C] () -- C:\Users\Kubelle\Desktop\adwcleaner.exe
[2012.11.18 14:32:42 | 000,000,568 | ---- | C] () -- C:\Windows\_delis32.ini
[2012.08.24 19:02:44 | 000,000,218 | ---- | C] () -- C:\Users\Kubelle\AppData\Local\recently-used.xbel
[2012.06.22 18:38:41 | 000,000,000 | ---- | C] () -- C:\Users\Kubelle\AppData\Roaming\wklnhst.dat
[2012.03.31 22:39:23 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012.03.31 22:39:23 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2012.03.27 21:23:26 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012.02.04 11:48:19 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.02.04 11:48:19 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.02.04 11:48:18 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.11.07 17:26:06 | 000,007,601 | ---- | C] () -- C:\Users\Kubelle\AppData\Local\Resmon.ResmonCfg
[2011.09.10 13:28:55 | 000,010,630 | ---- | C] () -- C:\Users\Kubelle\index.html
[2011.08.12 18:45:27 | 002,059,264 | ---- | C] () -- C:\Windows\setup_rangers_2.exe
[2011.08.02 12:07:50 | 000,001,854 | ---- | C] () -- C:\Users\Kubelle\AppData\Roaming\GhostObjGAFix.xml
[2011.05.13 14:24:32 | 000,000,976 | ---- | C] () -- C:\Windows\eReg.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.18 16:17:52 | 001,556,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.27 21:21:22 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.12.21 17:03:13 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.12.21 17:03:13 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.12.21 17:03:12 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.12.17 11:21:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.09.23 09:50:09 | 000,004,096 | -H-- | C] () -- C:\Users\Kubelle\AppData\Local\keyfile3.drm

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.12.17 10:40:35 | 000,000,000 | ---D | M] -- C:\Users\JK Agency\AppData\Roaming\DigitalPersona
[2010.12.17 21:07:51 | 000,000,000 | ---D | M] -- C:\Users\JK Agency\AppData\Roaming\gtk-2.0
[2010.12.17 14:57:00 | 000,000,000 | ---D | M] -- C:\Users\JK Agency\AppData\Roaming\OpenOffice.org
[2010.10.17 14:18:47 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\AnvSoft
[2012.11.25 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Audacity
[2012.06.06 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Be a King 2
[2012.08.24 19:02:45 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BitLord
[2010.12.21 16:22:10 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BitSpirit
[2010.12.05 01:14:57 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BitTorrent
[2011.08.07 01:19:20 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BSplayer
[2011.02.17 18:03:00 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BSplayer Pro
[2012.05.21 11:15:42 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2012.07.30 01:10:06 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010.09.26 11:32:26 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\DAEMON Tools Lite
[2010.09.16 14:38:33 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\DigitalPersona
[2012.10.29 08:42:53 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\FileDoumi
[2012.03.17 00:00:38 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\FOG Downloader
[2010.12.21 17:11:16 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\GetRightToGo
[2010.12.05 01:46:46 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\GHISLER
[2012.11.25 11:16:35 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\ICQ
[2010.09.25 19:15:16 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Leadertech
[2011.07.02 14:10:25 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\LolClient
[2012.05.22 05:56:30 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\LolClient2
[2011.03.21 18:25:39 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\MotionDSP
[2010.10.02 21:17:09 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\My Battle for Middle-earth Files
[2010.11.18 00:57:40 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2010.12.24 02:10:10 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\NordicIS
[2011.01.20 19:48:26 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\OpenOffice.org
[2011.09.05 13:30:36 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Participatory Culture Foundation
[2011.09.05 13:35:09 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\PCF-VLC
[2010.11.07 00:09:14 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Propellerhead Software
[2012.05.08 15:22:59 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Python-Eggs
[2010.09.16 17:41:51 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\QIP
[2010.11.21 21:21:44 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\QipGuard
[2011.05.23 10:13:59 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Registry Mechanic
[2011.12.01 06:59:55 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\RenPy
[2011.07.19 22:36:26 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Sony
[2011.06.05 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Stardock
[2012.10.03 17:10:02 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\TeamViewer
[2012.06.22 18:38:40 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Template
[2011.07.05 21:46:56 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\ts3overlay
[2011.03.29 05:15:28 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Unity
[2012.08.20 22:55:30 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\xrecode2
[2010.10.28 14:16:28 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\_MDLogs
Nahoru
Kubelle
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 25 lis 2012 13:43

Re: Přehřívání PC

#15 Příspěvek od Kubelle »

druhý log (2/2)

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,548 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.10.02 15:43:51 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000Core.job
[2010.10.02 15:43:52 | 000,000,970 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000UA.job
[2011.03.16 18:31:16 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.03.16 18:31:16 | 000,000,954 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.07.13 14:01:38 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.14 07:03:40 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForKubelle.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.05.15 23:08:36 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2010.05.15 23:08:36 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010.05.15 23:08:21 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.05.15 23:08:21 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010.05.15 23:06:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.05.15 23:06:10 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.05.15 23:06:10 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.05.15 23:08:20 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.05.15 23:06:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010.05.15 23:08:21 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[201 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2012.08.30 00:15:30 | 003,782,214 | ---- | M] () -- C:\chatzum_nt.exe
[2008.04.11 07:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.11.19 08:26:38 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Adobe
[2010.10.17 14:18:47 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\AnvSoft
[2011.10.30 12:56:41 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Apple Computer
[2010.09.16 14:50:34 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\ATI
[2012.11.25 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Audacity
[2012.06.06 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Be a King 2
[2012.08.24 19:02:45 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BitLord
[2010.12.21 16:22:10 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BitSpirit
[2010.12.05 01:14:57 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BitTorrent
[2011.08.07 01:19:20 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BSplayer
[2011.02.17 18:03:00 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\BSplayer Pro
[2012.05.21 11:15:42 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2012.07.30 01:10:06 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.09.17 23:42:14 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\CyberLink
[2010.09.26 11:32:26 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\DAEMON Tools Lite
[2010.09.16 14:38:33 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\DigitalPersona
[2011.05.15 10:24:59 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\DivX
[2012.10.29 08:42:53 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\FileDoumi
[2012.03.17 00:00:38 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\FOG Downloader
[2010.12.21 17:11:16 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\GetRightToGo
[2010.12.05 01:46:46 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\GHISLER
[2011.02.22 12:41:01 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Hewlett-Packard
[2011.02.15 09:33:44 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\HP Support Assistant
[2012.10.30 21:14:07 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\hpqLog
[2011.02.15 09:33:44 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\HpUpdate
[2012.11.25 11:16:35 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\ICQ
[2010.09.16 14:50:07 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Identities
[2012.07.31 10:01:44 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\InstallShield
[2010.09.25 19:15:16 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Leadertech
[2011.07.02 14:10:25 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\LolClient
[2012.05.22 05:56:30 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\LolClient2
[2010.09.16 15:00:24 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Macromedia
[2010.10.27 17:16:47 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Macrovision
[2010.06.13 10:51:34 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Media Center Programs
[2010.12.27 21:22:20 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Media Player Classic
[2012.11.10 21:59:22 | 000,000,000 | --SD | M] -- C:\Users\Kubelle\AppData\Roaming\Microsoft
[2011.03.21 18:25:39 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\MotionDSP
[2010.12.17 11:21:58 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Mozilla
[2010.10.02 21:17:09 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\My Battle for Middle-earth Files
[2010.11.18 00:57:40 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011.08.31 20:30:38 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\NCH Software
[2010.12.24 02:10:10 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\NordicIS
[2011.01.20 19:48:26 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\OpenOffice.org
[2011.09.05 13:30:36 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Participatory Culture Foundation
[2011.09.05 13:35:09 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\PCF-VLC
[2010.11.07 00:09:14 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Propellerhead Software
[2012.05.08 15:22:59 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Python-Eggs
[2010.09.16 17:41:51 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\QIP
[2010.11.21 21:21:44 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\QipGuard
[2011.05.23 10:13:59 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Registry Mechanic
[2011.12.01 06:59:55 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\RenPy
[2011.01.22 12:58:28 | 000,000,000 | RH-D | M] -- C:\Users\Kubelle\AppData\Roaming\SecuROM
[2012.11.18 20:51:49 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Skype
[2011.07.20 14:00:15 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\skypePM
[2011.07.19 22:36:26 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Sony
[2011.06.05 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Stardock
[2012.10.03 17:10:02 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\TeamViewer
[2012.06.22 18:38:40 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Template
[2011.07.05 21:46:56 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\ts3overlay
[2011.03.29 05:15:28 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\Unity
[2010.09.16 16:37:39 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\WinRAR
[2012.08.20 22:55:30 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\xrecode2
[2010.10.28 14:16:28 | 000,000,000 | ---D | M] -- C:\Users\Kubelle\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Kubelle\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2012.08.09 00:37:56 | 000,317,032 | ---- | M] (NeoUx) -- C:\Users\Kubelle\AppData\Roaming\FileDoumi\filedoumi.exe
[2012.08.09 00:37:59 | 000,165,992 | ---- | M] (NeoUX) -- C:\Users\Kubelle\AppData\Roaming\FileDoumi\filedoumichange.exe
[2012.08.09 00:38:02 | 000,232,040 | ---- | M] (NeoUX) -- C:\Users\Kubelle\AppData\Roaming\FileDoumi\filedoumiiconms.exe
[2012.08.29 07:44:35 | 000,209,000 | ---- | M] (NeoUX) -- C:\Users\Kubelle\AppData\Roaming\FileDoumi\filedoumiupgrade.exe
[2012.08.09 00:37:46 | 001,867,160 | ---- | M] (Copyright CIPHERLOGIS All rights reserved. ) -- C:\Users\Kubelle\AppData\Roaming\FileDoumi\FileDoumi_Setup.exe
[2012.01.27 16:31:30 | 008,197,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Kubelle\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2012.01.27 16:18:33 | 008,111,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Kubelle\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011.07.10 14:08:20 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Kubelle\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
[2011.07.10 14:08:21 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Kubelle\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
[2011.07.10 14:08:21 | 000,008,854 | R--- | M] () -- C:\Users\Kubelle\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
[2010.11.15 06:08:58 | 000,010,134 | R--- | M] () -- C:\Users\Kubelle\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2010.12.21 22:49:55 | 000,010,134 | R--- | M] () -- C:\Users\Kubelle\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.11.19 15:11:16 | 000,194,512 | ---- | M] (QIP.ru) -- C:\Users\Kubelle\AppData\Roaming\QipGuard\QipGuard.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.11.27 20:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.27 19:43:05 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.27 20:43:03 | 000,000,954 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.11.27 14:18:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000Core.job
[2012.11.27 20:18:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1802304956-4192236121-2842701351-1000UA.job
[2012.11.21 22:08:09 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForKubelle.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.11.27 19:37:54 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2012.08.30 00:15:30 | 003,782,214 | ---- | M] () -- C:\chatzum_nt.exe
[2008.04.11 07:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HPAdvisorDock" = C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe -- [2010.02.09 18:01:14 | 001,712,184 | ---- | M] ()
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Opentab" = C:\Users\Kubelle\AppData\Roaming\Opentab\Opentab.exe
"Opentabup" = "c:\users\kubelle\appdata\roaming\opentab\opentabup.exe"
"FDoumiStart" = "c:\users\kubelle\appdata\roaming\filedoumi\filedoumiupgrade.exe" -- [2012.08.29 07:44:35 | 000,209,000 | ---- | M] (NeoUX)
"msnmsgr" = ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 15:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2010.07.23 03:08:55 | 000,910,296 | ---- | M] (Mozilla Corporation) MD5=BACCDA841C689D1CBA941F478E8ED24B -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.11.27 20:04:44 | 000,000,512 | ---- | M] () MD5=45AAEA7E60146E73D9E1A9965571EAC0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.09.23 16:19:06 | 000,016,223 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\firecracker0001.OZJ
[2008.09.23 16:19:06 | 000,017,939 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\firecracker0002.OZJ
[2008.09.23 16:19:06 | 000,020,684 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\firecracker0003.OZJ
[2008.09.23 16:19:06 | 000,023,889 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\firecracker0004.OZJ
[2008.09.23 16:19:06 | 000,027,580 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\firecracker0005.OZJ
[2008.09.23 16:19:06 | 000,029,199 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\firecracker0006.OZJ
[2008.09.23 16:19:06 | 000,028,015 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\firecracker0007.OZJ
[2009.06.30 14:38:36 | 000,034,210 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\GoblinCrack.OZJ
[2008.05.20 16:23:32 | 000,011,320 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\knight_plancrack_a.bmd
[2008.05.26 10:10:42 | 000,005,648 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\knight_plancrack_b.bmd
[2008.04.24 15:01:00 | 000,160,240 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\knight_plancrack_grand.bmd
[2009.06.30 14:38:32 | 000,002,072 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack01.bmd
[2009.06.30 14:38:32 | 000,004,428 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack02.bmd
[2009.06.30 14:38:32 | 000,003,024 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack03.bmd
[2003.01.13 07:38:06 | 000,003,448 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Item\firecracker.OZJ
[2009.06.30 14:38:36 | 000,034,210 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Monster\GoblinCrack.OZJ
[2006.07.03 09:30:54 | 000,016,685 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Object40\han_mcrack.OZJ
[2010.09.05 15:41:32 | 000,016,176 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Sound\eFirecracker1.wav
[2010.09.05 15:41:34 | 000,016,581 | ---- | M] () -- \Games\DaemonicMU Season V\Data\Sound\eFirecracker2.wav
[2008.09.23 10:19:06 | 000,016,223 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\firecracker0001.OZJ
[2008.09.23 10:19:06 | 000,017,939 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\firecracker0002.OZJ
[2008.09.23 10:19:06 | 000,020,684 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\firecracker0003.OZJ
[2008.09.23 10:19:06 | 000,023,889 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\firecracker0004.OZJ
[2008.09.23 10:19:06 | 000,027,580 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\firecracker0005.OZJ
[2008.09.23 10:19:06 | 000,029,199 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\firecracker0006.OZJ
[2008.09.23 10:19:06 | 000,028,015 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\firecracker0007.OZJ
[2009.06.30 08:38:36 | 000,034,210 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\GoblinCrack.OZJ
[2008.05.20 10:23:32 | 000,011,320 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\knight_plancrack_a.bmd
[2008.05.26 04:10:42 | 000,005,648 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\knight_plancrack_b.bmd
[2010.08.04 12:43:32 | 000,161,560 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\knight_plancrack_dragon.bmd
[2008.04.24 09:01:00 | 000,160,240 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\knight_plancrack_grand.bmd
[2009.06.30 08:38:32 | 000,002,072 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\NpcGagoil_Crack01.bmd
[2009.06.30 08:38:32 | 000,004,428 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\NpcGagoil_Crack02.bmd
[2009.06.30 08:38:32 | 000,003,024 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Effect\NpcGagoil_Crack03.bmd
[2003.01.13 07:38:06 | 000,003,448 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Item\firecracker.OZJ
[2009.06.30 08:38:36 | 000,034,210 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Monster\GoblinCrack.OZJ
[2006.07.03 03:30:54 | 000,016,685 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Object40\han_mcrack.OZJ
[2003.01.14 08:11:30 | 000,129,158 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Sound\eFirecracker1.wav
[2003.01.14 08:11:32 | 000,132,402 | ---- | M] () -- \Games\Zhyper mu\ZhyperMU Season 6 Ultimate\Data\Sound\eFirecracker2.wav
[2007.05.03 11:59:12 | 000,001,575 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\FM8\FM7 Factory\Beam Cracker Bass.ksd
[2007.05.03 11:59:48 | 000,001,285 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\FM8\FM7 Factory\CracklePhone.ksd
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\Hardcore\Presets\I cracked my Tube!.hdprg
[2009.03.03 12:28:38 | 000,000,461 | ---- | M] () -- \Program Files (x86)\Image-Line\Sawer\Presets\Ambient\MC Cracked.sawer
[2009.09.30 12:14:04 | 000,055,495 | ---- | M] () -- \Program Files (x86)\Microsoft Expression\Design 4\Images\Crackle.PNG
[2012.09.28 12:00:21 | 000,125,952 | ---- | M] () -- \Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.crackserialcodes.com_0.localstorage
[2012.09.28 12:00:21 | 000,003,608 | ---- | M] () -- \Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.crackserialcodes.com_0.localstorage-journal
[2012.01.06 18:12:41 | 000,029,861 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\DSOClient\export_win32_audio_dso_env_atmo_fx_ice_crack.fsb._cf1277c58b07b3fd00252a74151ceb62
[2011.12.05 15:30:21 | 000,018,721 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\DSOClient\export_win32_audio_dso_env_atmo_fx_wood_crack.fsb._9fb56f57b36f84d27bc3fc711c74229d
[2012.07.09 16:02:02 | 000,052,388 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\DSOClient\export_win32_textures_effects_ground_cracks.dds._9763bba1eef345cbd8fdd5d52f2eb2ad
[2012.07.09 16:02:02 | 000,028,639 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\DSOClient\export_win32_textures_effects_ground_cracks_emsv.dds._e91a1ed583df6d7ac1e8b3ff52b8a1b5
[2012.07.09 15:59:44 | 000,002,921 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\DSOClient\export_win32_textures_effects_ice_cracks.dds._38c2db18755cf8f1711062db7dad883b
[2012.07.09 16:02:03 | 000,010,317 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\DSOClient\export_win32_textures_effects_p_cracks_2.dds._39bfaf026e0bde11ec2a5c886139fcbe
[2012.05.14 08:29:03 | 000,038,177 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\tmpyniku7\torrentdownloads net Diablo 3 Full PC Game with Crack.torrent
[2003.07.28 02:27:32 | 000,014,400 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\Neptunian Drumz\Other\crackle1.wav
[2003.07.28 02:20:28 | 000,013,726 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\Neptunian Drumz\Other\crackle2.wav
[2003.07.28 02:20:30 | 000,015,674 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\Neptunian Drumz\Other\crackle5.wav
[2003.07.28 02:20:30 | 000,013,726 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\Neptunian Drumz\Other\crackle6.wav
[2008.04.29 08:50:58 | 000,060,910 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\sm_nu_rave_wavs\wavs\drum hits\kicks\nr_kik_cracked.wav
[2008.04.29 08:50:58 | 000,108,250 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\sm_nu_rave_wavs\wavs\drum hits\snares\nr_sn_doubcrack.wav
[2008.04.29 08:50:58 | 000,977,030 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\sm_nu_rave_wavs\wavs\synth loops\130bpm\nr_syn130_crackedup_Bb.wav
[2008.04.29 08:50:58 | 000,977,642 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\sm_nu_rave_wavs\wavs\synth loops\130bpm\nr_syn130_crackline2_Gb.wav
[2008.04.29 08:50:58 | 000,977,642 | ---- | M] () -- \Users\Kubelle\Desktop\FL samples\Od Honzy\sm_nu_rave_wavs\wavs\synth loops\130bpm\nr_syn130_cracklline_Gb.wav
[1 \Users\Kubelle\Desktop\Kanes wrath\command-and-conquer-3-kanes-wrath-by-skillgrow-iiir4zor-part01\Command And Conquer 3 Kanes Wrath by SkillGrow\Mapy CaC\*.tmp files -> \Users\Kubelle\Desktop\Kanes wrath\command-and-conquer-3-kanes-wrath-by-skillgrow-iiir4zor-part01\Command And Conquer 3 Kanes Wrath by SkillGrow\Mapy CaC\*.tmp -> ]
[2009.05.30 21:39:00 | 000,338,570 | ---- | M] () -- \Users\Kubelle\Desktop\Kanes wrath\command-and-conquer-3-kanes-wrath-by-skillgrow-iiir4zor-part01\Command And Conquer 3 Kanes Wrath by SkillGrow\Mapy CaC\Tiberium_Cracks_Remake\Tiberium_Cracks_Remake.map
[2009.05.30 21:38:00 | 000,065,580 | ---- | M] () -- \Users\Kubelle\Desktop\Kanes wrath\command-and-conquer-3-kanes-wrath-by-skillgrow-iiir4zor-part01\Command And Conquer 3 Kanes Wrath by SkillGrow\Mapy CaC\Tiberium_Cracks_Remake\Tiberium_Cracks_Remake.tga
[2008.08.19 16:28:00 | 000,190,536 | ---- | M] () -- \Users\Kubelle\Desktop\Kanes wrath\command-and-conquer-3-kanes-wrath-by-skillgrow-iiir4zor-part01\Command And Conquer 3 Kanes Wrath by SkillGrow\Mapy CaC\Tiberium_Cracks_Remake\Tiberium_Cracks_Remake_art.tga
[2010.02.05 11:52:43 | 008,471,115 | ---- | M] () -- \Users\Kubelle\Desktop\Kanes wrath\command-and-conquer-3-kanes-wrath-by-skillgrow-iiir4zor-part01\Command And Conquer 3 Kanes Wrath by SkillGrow\Patch 1.01\Modifikovanej crack.rar
[2008.01.27 00:21:36 | 001,681,408 | ---- | M] () -- \Users\Kubelle\Desktop\z mobilu\Hudba\Helloween\01 Crack The Riddle (Intro).mp3
[2010.06.11 13:26:17 | 551,149,567 | ---- | M] () -- \Users\Kubelle\Documents\ISO soubory\Duke_Nukem_-_Forever_+_Crack,_Trainer\Duke Nukem - Forever + Crack, Trainer.iso
[2 \Users\Kubelle\Documents\ISO soubory\LOTR_BFMEII\LOTR-BFMEII\*.tmp files -> \Users\Kubelle\Documents\ISO soubory\LOTR_BFMEII\LOTR-BFMEII\*.tmp -> ]
[2008.01.27 00:21:36 | 001,681,408 | ---- | M] () -- \Users\Kubelle\Music\HELLOWEEN\GAMBLING WITH THE DEVIL\01 Crack The Riddle (Intro).mp3

< *keygen* /s >
[2012.09.28 12:08:52 | 020,977,192 | ---- | M] () -- \Users\Kubelle\Downloads\Stardock-ObjectDock-Plus+keygen.rar
[2007.04.29 14:45:00 | 000,035,709 | ---- | M] () -- \Users\Kubelle\Downloads\Stardock-ObjectDock-Plus+keygen\Stardock ObjectDock Plus+keygen\Keygen.exe

< *loader* /s >
[2012.04.01 16:20:18 | 000,032,768 | ---- | M] () -- \Games\4Story\TLoader.exe
[2003.09.15 13:02:00 | 000,169,384 | ---- | M] () -- \Games\CS 1,6\cstrike\models\qloader.mdl
[2003.09.15 12:55:50 | 000,352,548 | ---- | M] () -- \Games\CS 1,6\valve\models\loader.mdl
[2003.09.15 12:56:04 | 000,012,764 | ---- | M] () -- \Games\CS 1,6\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 12:56:04 | 000,012,164 | ---- | M] () -- \Games\CS 1,6\valve\sound\ambience\loader_step1.wav
[2008.10.10 15:39:54 | 000,068,688 | ---- | M] () -- \Games\EA GAMES\Mirror's Edge\Binaries\PhysXLocal\PhysXLoader.dll
[2012.02.16 13:44:38 | 000,000,404 | ---- | M] () -- \Games\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.223\deploy\assets\storeImages\layout\small_loader.gif
[2012.08.30 07:37:23 | 000,000,404 | ---- | M] () -- \Games\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.223\deploy\assets\storeImages\layout\OldImages\small_loader.gif
[2012.02.07 17:11:22 | 000,008,192 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\_win32sysloader.pyd
[2012.04.28 08:01:16 | 000,005,612 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\deluge-2.1.0_74-py2.6.egg\deluge\httpdownloader.pyc
[2011.07.06 13:32:14 | 000,001,878 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.07.06 13:32:14 | 000,014,336 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.26 07:33:30 | 000,003,754 | ---- | M] () -- \Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\loader.js
[2004.02.03 09:27:56 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2012.10.11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.01.27 13:26:46 | 000,058,664 | ---- | M] () -- \Program Files (x86)\CyberLink\DVD Suite\koan\pyloader.dll
[2009.12.26 03:27:52 | 002,475,304 | ---- | M] () -- \Program Files (x86)\CyberLink\Shared files\Plugin\6.0\CES_3DLoaderFBX.dll
[2010.01.26 19:18:38 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2010.01.26 19:11:42 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2010.02.22 16:24:28 | 000,010,498 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\DVD\System\KernelCtrl\ImageLoader.kc
[2010.02.22 16:24:28 | 000,010,146 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\DVD\System\KernelCtrl\ImageLoader2.kc
[2010.02.22 16:24:28 | 000,003,499 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\DVD\Widget\langloader.kc
[2010.02.22 16:24:30 | 000,012,438 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\DVD\Widget\layoutloader.kc
[2010.01.13 21:57:36 | 000,002,264 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\Customizations\HP\Layout\TV\TVFacebookUploaderDialog.xml
[2010.01.13 22:01:10 | 000,003,124 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\Kernel\Partner\FLVLoader.html
[2010.01.13 22:01:10 | 000,000,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\Kernel\Partner\FLVLoader.swf
[2010.01.13 22:01:34 | 000,009,317 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\mm\MediaCtrl\ImageDownloader.kc
[2010.01.13 22:01:34 | 000,009,737 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\mm\MediaCtrl\ImageLoader.kc
[2010.01.13 22:01:56 | 000,003,091 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\Presentation\Module\TV\TVFacebookUploader.kc
[2010.01.13 22:02:00 | 000,003,552 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\Widget\langloader.kc
[2010.01.13 22:02:00 | 000,012,573 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\iTV\Widget\layoutloader.kc
[2010.01.11 14:18:22 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\Webcam\Koan\pyloader.dll
[2010.01.11 14:17:00 | 000,013,398 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\Webcam\subsys\Uploader\PyUploader.kc
[2010.01.11 14:17:00 | 000,162,912 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\Webcam\subsys\Uploader\_PyUploader.pyd
[2010.01.11 14:17:00 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\Media\Webcam\subsys\YouCam\CES_3DLoaderFBX.dll
[2010.03.11 11:42:36 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\Koan\pyloader.dll
[2010.03.11 11:42:56 | 002,473,056 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\subsys\CES\CES_3DLoaderFBX.dll
[2010.03.11 11:41:14 | 000,019,135 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\subsys\DataCenter\ImageLoader.kc
[2010.03.11 19:27:24 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\MediaSmart\Video\Koan\pyloader.dll
[2010.03.11 19:27:40 | 002,473,056 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\MediaSmart\Video\subsys\CES\CES_3DLoaderFBX.dll
[2010.03.11 19:25:36 | 000,019,241 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\MediaSmart\Video\subsys\DataCenter\ImageLoader.kc
[2010.03.03 05:12:28 | 000,058,664 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\TouchSmart\Music\koan\pyloader.dll
[2010.03.03 05:13:04 | 000,011,870 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\TouchSmart\Music\System\KernelCtrl\ImageLoader.kc
[2010.03.03 05:13:04 | 000,027,757 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\TouchSmart\Music\System\KernelCtrl\ImageLoader2.kc
[2010.03.03 05:13:04 | 000,003,236 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\TouchSmart\Music\System\KernelCtrl\URLDownloader.kc
[2010.03.03 05:13:06 | 000,003,952 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Widget\langloader.kc
[2010.03.03 05:13:06 | 000,013,920 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Widget\layoutloader.kc
[2009.10.06 04:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\Hp\HP Deskjet 1050 J410 series\bin\HelpViewer\Resources\Loader.gif
[2012.09.01 20:39:05 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.09.01 20:39:05 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.09.01 20:39:05 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.09.01 20:40:37 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.09.01 21:59:12 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\rps\preloader02.swf
[2012.09.01 20:41:59 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2012.04.20 10:29:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\warsheep\preloader02.swf
[2012.04.20 10:29:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\zoopaloola\preloader02.swf
[2012.11.06 19:53:33 | 000,002,825 | ---- | M] () -- \Program Files (x86)\Image-Line\Downloader\fldownloader.log
[2010.04.17 00:18:08 | 000,007,485 | ---- | M] () -- \Program Files (x86)\Microsoft Expression\Encoder 4\Templates\en\MediaPlayer\PlugInLoader.cs
[2010.04.13 18:09:06 | 000,002,747 | ---- | M] () -- \Program Files (x86)\Microsoft Expression\Encoder 4\Templates\en\MediaPlayer\ThumbnailDownloader.cs
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2010.12.01 01:59:46 | 000,471,792 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\WTDownloader.exe
[2010.11.03 22:17:00 | 000,002,193 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2010.11.12 22:46:48 | 000,009,086 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010.11.03 22:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010.02.10 17:10:14 | 000,045,056 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2011.09.02 16:48:07 | 000,001,113 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities\Uploader Software.lnk
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2009.12.26 03:27:52 | 002,475,304 | ---- | M] () -- \SwSetup\CyberDVD\Stage1\PDIR\ShareFiles\Share\Plugin\6.0\CES_3DLoaderFBX.dll
[2010.03.04 11:43:18 | 000,180,328 | -H-- | M] () -- \SwSetup\QuickWeb\QW.SYS\config\HelpLoader.exe
[2008.08.12 18:19:04 | 000,004,052 | ---- | M] () -- \Tvorba\Moje tvorba (Web)\redktario\libraries\loader.php
[2008.08.12 18:19:20 | 000,000,584 | ---- | M] () -- \Tvorba\Moje tvorba (Web)\redktario\media\system\images\mootree_loader.gif
[2008.08.12 18:19:20 | 000,008,750 | ---- | M] () -- \Tvorba\Moje tvorba (Web)\redktario\media\system\js\uploader.js
[2008.08.12 18:19:20 | 000,001,615 | ---- | M] () -- \Tvorba\Moje tvorba (Web)\redktario\media\system\swf\uploader.swf
[2007.10.09 21:04:40 | 000,015,505 | ---- | M] () -- \Tvorba\Moje tvorba (Web)\wordpress-2.3.3-cs\wordpress\wp-includes\script-loader.php
[2007.07.27 21:28:02 | 000,002,178 | ---- | M] () -- \Tvorba\Moje tvorba (Web)\wordpress-2.3.3-cs\wordpress\wp-includes\template-loader.php
[2011.09.02 16:48:07 | 000,001,113 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Utilities\Uploader Software.lnk
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010.12.17 11:13:06 | 000,003,208 | ---- | M] () -- \Users\JK Agency\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P4YM0247\ajax-loader[1].gif
[2012.10.28 07:25:04 | 000,000,673 | ---- | M] () -- \Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp\1.1.6.4_0\image\ajax-loader.gif
[2012.09.28 12:04:18 | 000,370,688 | ---- | M] () -- \Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_step.yourfiledownloader.com_0.localstorage
[2012.09.28 12:04:18 | 000,005,672 | ---- | M] () -- \Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_step.yourfiledownloader.com_0.localstorage-journal
[2012.09.23 15:50:40 | 000,122,880 | ---- | M] () -- \Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.downloader-youtube.org_0.localstorage
[2012.09.23 15:50:40 | 000,003,608 | ---- | M] () -- \Users\Kubelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.downloader-youtube.org_0.localstorage-journal
[2012.11.10 21:49:09 | 000,004,294 | ---- | M] () -- \Users\Kubelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5NF93WPH\universaldownloader-prefetch[1].txt
[2012.10.01 17:02:22 | 000,105,903 | ---- | M] () -- \Users\Kubelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\97KDI0GS\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.10.01 18:37:37 | 000,000,353 | ---- | M] () -- \Users\Kubelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJAG4R7W\queryLoader[1].css
[2012.10.01 18:37:39 | 000,005,505 | ---- | M] () -- \Users\Kubelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJAG4R7W\queryLoader[1].js
[2012.10.14 19:09:11 | 000,000,374 | ---- | M] () -- \Users\Kubelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJAG4R7W\queryLoader[2].css
[2012.10.14 19:09:12 | 000,005,708 | ---- | M] () -- \Users\Kubelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJAG4R7W\queryLoader[2].js
[2012.10.01 17:02:21 | 000,000,753 | ---- | M] () -- \Users\Kubelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WQQ4IA70\AdLoader[1].htm
[2011.09.05 13:35:10 | 000,000,722 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\Miro-downloader.log
[2011.09.05 13:31:28 | 000,000,000 | ---- | M] () -- \Users\Kubelle\AppData\Local\Temp\Miro-downloader.log.1
[2291 \Users\Kubelle\AppData\Local\Temp\*.tmp files -> \Users\Kubelle\AppData\Local\Temp\*.tmp -> ]
[2010.12.05 00:57:48 | 000,000,592 | ---- | M] () -- \Users\Kubelle\AppData\Local\VirtualStore\Program Files (x86)\Feneris\Feneris Video Downloader\FenerisVideoDownloader.exe.config
[2010.12.21 17:11:16 | 000,000,806 | ---- | M] () -- \Users\Kubelle\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_DirectX_7.data
[2010.12.21 17:11:16 | 000,000,833 | ---- | M] () -- \Users\Kubelle\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_DirectX_7.data0
[2011.04.30 19:49:34 | 000,011,633 | ---- | M] () -- \Users\Kubelle\Desktop\Asistent detektiva Zbyska-win32\renpy\loader.py
[2012.01.21 01:43:11 | 000,010,552 | ---- | M] () -- \Users\Kubelle\Desktop\Asistent detektiva Zbyska-win32\renpy\loader.pyo
[2011.04.30 19:49:34 | 000,011,633 | ---- | M] () -- \Users\Kubelle\Desktop\Asistent-win32\Asistent-win32\renpy\loader.py
[2011.12.01 06:59:54 | 000,010,500 | ---- | M] () -- \Users\Kubelle\Desktop\Asistent-win32\Asistent-win32\renpy\loader.pyo
[2012.05.22 03:38:12 | 000,000,404 | ---- | M] () -- \Users\Kubelle\Desktop\LOLPBE\League of Legends Public Beta\RADS\projects\lol_air_client\releases\0.0.0.144\deploy\assets\storeImages\layout\small_loader.gif
[2009.11.01 19:02:50 | 000,004,634 | -H-- | M] () -- \Users\Kubelle\Desktop\z mobilu\Nokia_Ovi_Suite_install_files\Resources\icon_map_loader.png
[2010.11.13 17:11:50 | 000,071,208 | ---- | M] () -- \Users\Kubelle\Downloads\old\PhysXLoader.dll
[2012.11.27 19:14:02 | 000,029,482 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.11.22 14:12:58 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.21 11:29:06 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2011.11.22 14:12:58 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.21 11:29:06 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.05.15 22:58:34 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.05.15 22:58:34 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.05.15 22:58:34 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.05.15 22:58:34 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.05.15 22:58:34 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.01.17 20:26:08 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.01.17 20:26:08 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.01.17 20:26:08 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.01.17 20:26:08 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.01.17 20:26:08 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.05.15 22:55:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Kubelle\Desktop\Welcome to summoners rift (dnb remix 2).mp3:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Kubelle\Desktop\League of legends kopletní theme_rap.mp3:TOC.WMV
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:890CC2F3
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“