preventivní kontrola

Zpráva

#61 Příspěvek od **vyosek** » 29 kvě 2013 09:42

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Martin(x) · #62 Příspěvek od **Martin(x)** » 30 kvě 2013 11:01

zde je 1 log

OTL Extras logfile created on: 5/29/2013 6:17:56 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aldair\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5.98 Gb Total Physical Memory | 3.89 Gb Available Physical Memory | 65.09% Memory free
11.95 Gb Paging File | 9.39 Gb Available in Paging File | 78.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142.91 Gb Total Space | 88.58 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 181.28 Gb Total Space | 24.20 Gb Free Space | 13.35% Space Free | Partition Type: NTFS
Drive F: | 129.00 Gb Total Space | 126.84 Gb Free Space | 98.32% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 29.21 Gb Free Space | 6.27% Space Free | Partition Type: NTFS

Computer Name: ALDAIR-MSI | User Name: Aldair | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B879A7E-F653-4A81-9D8E-F2885B320CEA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BF52617-3BC4-43CB-B13E-7A3ABEC959B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{248ACFED-11C9-4BF4-A2A6-24631F1FF743}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26642D34-D738-4251-884C-E181D6949429}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D927816-6962-4837-954A-64F83F78E865}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{30E1443A-7930-4AB2-A9DA-EDB0F5FD91F2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{31A44BD5-C537-47EA-ACA4-5EF8FC234FCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{514C227D-8A57-4B78-BD2E-8452F6281C9A}" = lport=137 | protocol=17 | dir=in | app=system |
"{5D50D541-B3FE-4C06-8B0E-608DF02C155D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76A30557-F39D-4487-B2ED-1802C2542414}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7B5F87F8-0AB7-496E-8707-1DE3C7506D7C}" = rport=137 | protocol=17 | dir=out | app=system |
"{7D4E9076-6A74-473D-ACB0-F7B4B132C33C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7F31BCA9-C019-4B1C-AC72-82EB5C4C2D6F}" = lport=445 | protocol=6 | dir=in | app=system |
"{89819457-EE0E-4A76-9E15-B9C055DF86D4}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8AF8C30A-45E2-4722-8758-0968154DE0CB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{915B259A-4887-4000-81BC-F078558E8ABA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{95C21C3A-1090-4384-BF3F-5F24BBA3B640}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9A0285F5-35FB-4057-A6DC-C1AE65F301D8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9AA65A97-62B3-41F7-9123-36E6E45D5D90}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{A3342B40-0167-4497-9B28-623089B87F7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4E41054-5F3D-423F-96D7-1C7367D2E7A4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B6F19F63-3634-4C85-A5A1-BB6992D5C71F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B96AE7DE-422D-49E3-9CD1-95A1FA5F71A1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD0423C9-2AA7-4410-851C-61A7B31C5C93}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C4191B9B-09CE-4300-A534-7DE20B862983}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5FE6065-9780-4953-BCBE-0B348626CF24}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D6915332-A47E-4AD3-8EBA-02FDB59D7032}" = rport=445 | protocol=6 | dir=out | app=system |
"{D9AD4442-623B-4837-B9A9-50BE5DC70E7E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{DCBA70E5-06CA-4DBC-B4AD-6EA281FB9938}" = lport=139 | protocol=6 | dir=in | app=system |
"{DD0344DE-C420-4A71-9F87-CCF90F15A52B}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DD61EB05-2A73-4189-94CC-2455E54D3A45}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E0735D9A-47BA-4000-8A02-661CFE9EF922}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E5629F13-5343-4808-B1B2-59CE5C0A9998}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F4750808-6E54-487A-8463-6D39B9636BF2}" = rport=139 | protocol=6 | dir=out | app=system |
"{FAA38AC0-47A9-4183-9E7F-F2B6912B3BF5}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C1DADA-9288-4B67-A2A3-4711DC268A35}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{03B6FD11-7358-4A00-B3B8-EF23A2B158A5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0F0E7132-E510-4A4B-BB08-843886EDC112}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{171DBF7F-1781-4FBB-943C-1AA8AEC1168F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1BF0BE93-08D1-4175-8932-6D2A597B73BC}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1DBDF4C0-BC16-4E86-94AF-E10C89078A7D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2271A1D1-B813-48F8-94D3-2E733B0CA878}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{25E24E4C-9192-4A40-BC19-2E19BBDD98BF}" = protocol=17 | dir=in | app=d:\mass effect 2\binaries\masseffect2.exe |
"{2638EF4F-AE2E-4DC1-973F-F9267E8AC965}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28D696C4-A22E-455F-BE21-7DF3BCF938C0}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{2AF4FDAF-5DB4-405B-A13A-DA79E08BA4D1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2D77CD7C-70A4-4717-A749-177BD5EC4DF8}" = dir=in | app=c:\users\aldair\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{361FAD28-42ED-4E4F-A985-06FD69734F03}" = protocol=6 | dir=out | app=system |
"{3A8D0F49-8565-4069-A867-EF9E7D3A21DD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3F63BFFB-D926-4E93-81A0-157E7C3A349D}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{3F8F1E14-2CA8-468A-88F4-64A3F9DD92C1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4011B349-8DA4-4473-A809-AB007D18FD1D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{46EC15AC-62D5-4C8D-B23E-74E3AC2A662C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{49188689-1998-4FD5-B74A-F1A6F5FA93A1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4BDB6A06-AA29-4BB9-92C2-BECDD7E964C5}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{4E8775FB-303F-4C87-8C76-F85ABA15C0CF}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{51BFEB53-0A1B-4695-B4BB-AF91EB37094C}" = protocol=6 | dir=in | app=d:\battlefield 3\bf3.exe |
"{547A0B01-8E9B-4CF4-99C0-99D30B7F8318}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{54B7CCE5-6700-4D6E-B327-D4B51AA50D79}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{57427F10-D45B-4625-87AA-5ACD3B92FE2B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59A5C8D3-F983-42C6-9B21-A17042AC1073}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5BC98EB4-0647-40B5-8A45-AEF9899D3FB1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5E00584A-6D6D-4D7D-BD6F-C5E9188A5FD9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{622A3EDE-4E1F-4B0C-8808-C46B027B9D3E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{64CD8CC3-DE52-4AB0-80A4-417F5178B42E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6587006A-C238-47DA-A180-0499CBD85F40}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{669A178D-F854-4F68-BA2A-67F4F054DCA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{67319FF6-E741-4226-B4AB-387EC7F9313B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{673D86E9-AED0-406E-943B-F473682D99ED}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6916213E-D0FA-4BF7-92CF-3DBAC97A2571}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{69A11DCF-79D0-4742-AB6C-D264E6636784}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6ED98CD0-3BE4-44E3-BAA4-93549F10F51A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{71B6AA10-44D3-4950-881D-591591394AA2}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{74CCC450-4E1E-41AF-86F7-06927C5956CE}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{78427D2B-1F67-4DFA-AC3B-5318040706AD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{7B7F1CA4-7F19-4DD1-A1A2-448199CA4C0A}" = protocol=6 | dir=in | app=d:\mass effect 3\binaries\win32\masseffect3.exe |
"{7B97A853-3AB2-4908-9CAE-7306BC7E34D0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D839A3C-D8D5-4324-9921-F42D6F22C37E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7EA1186C-3DEC-4C08-9305-89CC10DB8083}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{808482AA-6578-4F85-BDAE-89A56EF747CD}" = protocol=17 | dir=in | app=d:\mass effect 3\binaries\win32\masseffect3.exe |
"{80D14F6C-F0F6-4817-BCB1-36A8E184D5DA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{861F08C4-05AA-4760-8A8D-2BBFA2CC7560}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{895B02C3-860F-4774-BBBA-97C081F9A783}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8DD1A55E-08D8-49A3-9259-E45C66895CF5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90DBA565-3D64-423A-B0CF-3A7B2DDB3363}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{91847E85-9072-4389-966B-8DE541E1F760}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{91CC516A-EBC0-4F21-9CFB-865B82488F56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{946661E2-3962-4C93-A84C-DA4134EB13D9}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{96BBBADF-6CD7-4DDE-86B3-BB1877CCBFC2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{99B2497A-A6C6-4475-91FF-E1C97AC02941}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9A56E289-F50C-49D1-90BD-07DCA86464EA}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9AA64E97-A07B-41C4-AA2F-DB6345CDCBE8}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{9C21FAD4-6DAE-4E35-9D60-52540325F9BE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9D1F3AA4-A7CC-406B-8179-043B844C27E5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A298DF60-E430-4720-8D72-D4866E5FF8DE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A39DE1A5-E4A2-4551-8485-77D65DE8BC79}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{A49A20CB-7DA0-4D22-A9D5-A335E8E67A91}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4E4151B-21AE-43FF-A6B6-3639903E1C3B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7B74B01-CB3E-4FCF-B97D-1E9AD54ED563}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A9499FDD-18BE-4405-BEDC-A6B18E20B967}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ACB46106-D274-499A-A032-DA755E17DD57}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AD8B15AF-1499-4EAD-801B-7887DC66C161}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AE2B9DBA-CD36-46E0-BD92-D1730AF3AB56}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AE709F04-CF72-4D7D-8D1D-16EFD57D4E5A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B0DFE694-02E5-4DAF-9C75-F88F1974A00F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B14390FB-7744-4F66-90CE-B5A2D188B3C7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B3F0EA8E-F9C7-430F-B0C6-6C789585F764}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{B4765C9C-238F-4F52-A0A5-7A2C07540873}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B51FADCF-5881-467B-8726-E77B91DF591C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B819790E-25F3-47A9-BF7A-E8C0C096BA65}" = protocol=17 | dir=in | app=d:\mass effect 2\masseffect2launcher.exe |
"{BCBACF92-5F10-4302-AA85-ECC423465DF1}" = protocol=17 | dir=in | app=d:\battlefield 3\bf3.exe |
"{BF983E5B-199F-4232-9D51-08CD116A3E4A}" = protocol=6 | dir=in | app=d:\mass effect 2\masseffect2launcher.exe |
"{C1D8B202-A278-4CE2-9395-5662F76512A0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C5AAD417-847E-486F-9CB1-17E87A83F5F4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CF0B63BC-1C1F-407E-BE41-3052BB284112}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D28916F1-17DA-477B-BC3A-4E723A81297A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D47C5C21-A33E-4E4A-9703-2568E081251B}" = protocol=6 | dir=in | app=d:\mass effect 2\binaries\masseffect2.exe |
"{D4ACDC3C-B1D7-4679-A010-B9A7802CD30C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D63DD2EE-70A9-47AB-AB2E-A2158D5C7E46}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{D9283622-0472-44A2-9CD9-A9420563A098}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DB313ED4-D533-4E84-AAAE-5F1CDA0ED3E1}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{E1F84DE2-F154-4DF6-9722-C3B1ED44E6C5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E387404C-4DB3-4620-9F8A-0461135933C1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E47E8287-07D0-4D58-AEA6-82C31917692E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EF54249B-78BB-4B79-B488-1389058859B1}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{F37075D7-2250-43F9-A690-B7EC19427BE1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FA35A068-9861-400F-9D82-9A4FEF00D36B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FD95E915-93C8-425B-A870-6205A173558E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FDDD9629-8259-4C1F-868C-6EFCB0144B7E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{2191718A-F892-4942-949B-8BA642F50F5E}C:\program files (x86)\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"TCP Query User{291DC497-7C4C-4E0D-ADFF-7A7F911746E2}D:\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\world_of_tanks\wotlauncher.exe |
"TCP Query User{3119CA47-1EEB-4A50-BEF7-3B8F5478B02D}D:\Mass Effect 2\Binaries\masseffect2.exe" = protocol=6 | dir=in | app=d:\mass effect 2\binaries\masseffect2.exe |
"TCP Query User{5567EC29-1EBF-47A1-B6B8-EEFBFFCB212A}D:\need for speed the run\need for speed the run.exe" = protocol=6 | dir=in | app=d:\need for speed the run\need for speed the run.exe |
"TCP Query User{87A41EAD-1D6A-49D4-9920-C33F0CD8DED7}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{973FC89E-99C5-4EAB-8BC2-C04518601515}D:\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\world_of_tanks\worldoftanks.exe |
"TCP Query User{98D1B253-5FD6-4F6D-9E32-F9E305B5DF42}D:\tera\tera-launcher.exe" = protocol=6 | dir=in | app=d:\tera\tera-launcher.exe |
"TCP Query User{A2EAF4C6-B3B9-4F04-9822-E6EBCE430438}D:\tera\tera-launcher.exe" = protocol=6 | dir=in | app=d:\tera\tera-launcher.exe |
"TCP Query User{BDB13429-5103-4245-823F-63E08AD706A6}D:\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\world_of_tanks\worldoftanks.exe |
"TCP Query User{FDF9C8B8-8726-40CB-97E2-FD3E6224B6FE}D:\mass effect 3\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=d:\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{0FDEC2F4-4276-42A8-A96A-F151126807B8}D:\Mass Effect 2\Binaries\masseffect2.exe" = protocol=17 | dir=in | app=d:\mass effect 2\binaries\masseffect2.exe |
"UDP Query User{307C40CB-98CA-454E-9CDD-3BED62C910DA}C:\program files (x86)\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"UDP Query User{6A73F675-BD4B-47E9-A479-47B77E48E4BA}D:\tera\tera-launcher.exe" = protocol=17 | dir=in | app=d:\tera\tera-launcher.exe |
"UDP Query User{95E8CA16-F135-4D0C-A0A9-D2FB597FAD2B}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{B0135F49-534B-4F2D-A6B9-3CD1C7F8DB7D}D:\mass effect 3\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=d:\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{D23A0567-63D8-44B4-9011-B7195A8E9C6A}D:\need for speed the run\need for speed the run.exe" = protocol=17 | dir=in | app=d:\need for speed the run\need for speed the run.exe |
"UDP Query User{D7E478D6-C589-42EA-B58D-13B83750A0B5}D:\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\world_of_tanks\worldoftanks.exe |
"UDP Query User{E422369C-A572-4B99-B853-72009FB85838}D:\tera\tera-launcher.exe" = protocol=17 | dir=in | app=d:\tera\tera-launcher.exe |
"UDP Query User{ED115F6F-9E7D-4120-8E93-ED23C8F47AFD}D:\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\world_of_tanks\wotlauncher.exe |
"UDP Query User{F46A026B-0BC8-4299-8353-D8B1D3AEBA73}D:\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\world_of_tanks\worldoftanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{237D687E-9E50-4A30-B810-262764CC491B}" = Garmin Communicator Plugin x64
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{581F6FB0-46E6-42DA-98CC-ABB001386520}" = Motorola Mobile Drivers Installation 5.1.0
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0429C83BF3D339C1124123DE7C09E7270401CD2F" = Balíček ovladače systému Windows - Sony Ericsson (s0016obex) Ports (04/24/2008 4.44.2.0)
"08E697F4E31A9ACFCBC25036CB330BA3395DDDCF" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/23/2007 1.0)
"11D3A85AC16C73BEEBFEB2985C128C86EBA49D04" = Balíček ovladače systému Windows - Sony Ericsson (WinUSB) sa0101UsbDeviceClass (04/30/2010 2.0.0010.000022)
"16EDC03E692BE65607F19D23D9B29D14AC915B68" = Balíček ovladače systému Windows - Sony Ericsson (s0016mdm) Modem (04/24/2008 4.44.2.0)
"17204220872ED111F51F90FAB365F56414167791" = Balíček ovladače systému Windows - Sony Ericsson (s1029mgmt) Ports (05/20/2009 4.50.7.1)
"17D02EE7FF8F690E06CF9A7708F544AB0D4180D0" = Balíček ovladače systému Windows - Sony Ericsson (s1018mdm) Modem (03/19/2009 4.50.3.8)
"19D6155C7C034672471655447FAE7AD0B9D1734F" = Balíček ovladače systému Windows - Sony Ericsson (s0016mgmt) Ports (04/24/2008 4.44.2.0)
"1D334EB7332F440A6028CDF56FBE885997E59AFF" = Balíček ovladače systému Windows - Sony Ericsson (se3emgmt) Ports (04/10/2007 4.40.2.0)
"21A72D111CB856F48E8553B4A88146C2BC54A56E" = Balíček ovladače systému Windows - Sony Ericsson (s0017mgmt) Ports (10/01/2008 4.50.3.0)
"24546D57DA8218560E59BF3347D1351FDEBB50B7" = Balíček ovladače systému Windows - Sony Ericsson (s1039nd5) Net (03/05/2010 5.02.0.2)
"2613FC894CE6F419A0A5926E216959B93DD1B719" = Balíček ovladače systému Windows - Sony Ericsson (a016mdm) Modem (10/23/2007 4.42.0.0)
"262CB07C47460C8CEC34D6ECDCE2976E9AFF7229" = Balíček ovladače systému Windows - Sony Ericsson (s1029nd5) Net (05/20/2009 4.50.7.1)
"26DB22792BE9F17888E8A0D8584AF75CFF65475C" = Balíček ovladače systému Windows - Sony Ericsson (s1029bus) USB (05/20/2009 4.50.7.1)
"2DF1AB6122F363FFE09B7CC93FE1CD90FFFBF5B3" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/24/2007 1.1)
"2F93E6B0EC1639D421A9CCD8C06539D70A2C9D8D" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Ports (12/26/2007 4.40.6.0)
"3038F810531A3119D8408813AB675523F4BD5634" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Ports (12/26/2007 4.40.6.0)
"39CC6A9E9ECD57BCA435834B68588E59D4D1262E" = Balíček ovladače systému Windows - Sony Ericsson (se3ebus) USB (04/10/2007 4.40.2.0)
"39E83E1A16EC99A3551A9B7EE249E49CF43461B8" = Balíček ovladače systému Windows - Sony Ericsson Image (03/15/2010 1.0.1039.4)
"3B65F5281FAC2BDEC493E64B8E5BDC43DE0B94A6" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdmc) USB (12/26/2007 4.40.6.0)
"3C49648B12294915EBBBCB55F616F7A041FC1D18" = Balíček ovladače systému Windows - Sony Ericsson (s1039unic) USB (03/05/2010 5.02.0.2)
"3E15961F36095296129AD680597BCB32B73995AB" = Balíček ovladače systému Windows - Sony Ericsson (se3emdm) Modem (04/10/2007 4.40.2.0)
"4289980582B5E07F22B397BAD84B50FCA3917D22" = Balíček ovladače systému Windows - Sony Ericsson (s1018obex) Ports (03/19/2009 4.50.3.8)
"46250DAA3D263C8EEFA78F621BF514BFD19C225B" = Balíček ovladače systému Windows - Sony Ericsson Image (05/05/2008 1.0.0.0017)
"47A204C691C402BC5056438578C6E18BC3AE7437" = Balíček ovladače systému Windows - Sony Ericsson (s0017nd5) Net (10/01/2008 4.50.3.0)
"54EA2ABFB38AEA1D8808B8D08E68201B9FDB025A" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Modem (12/26/2007 4.40.6.0)
"57D40D26ECB043E4AD3C09AE0476B797343DA9BC" = Balíček ovladače systému Windows - Sony Ericsson (s0017bus) USB (10/01/2008 4.50.3.0)
"59A2AFF064B823BE53673BEE04D1F520823F56F5" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrobex) Ports (12/26/2007 4.40.6.0)
"6166182E0807B1F61A8C501DFE6EA4E5DFF5295F" = Balíček ovladače systému Windows - Sony Ericsson (WinUSB) sa0102AdbDeviceClass (02/23/2011 2.0.0010.20021)
"663EECF94410E12900879414313CF0662FB57E58" = Balíček ovladače systému Windows - Sony Ericsson (a016mgmt) Ports (10/23/2007 4.42.0.0)
"6780F07F8FC84A64A57296168DAD2A0463D659CE" = Balíček ovladače systému Windows - Sony Ericsson (a016obex) Ports (10/23/2007 4.42.0.0)
"689DD8E590BF4B776FBA3A5E38FD2F9A23FB0824" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/24/2007 1.1)
"709135B1DA9E308D1513FCD2EB36A6A8C8CD7CD0" = Balíček ovladače systému Windows - Sony Ericsson (s916mgmt) Ports (09/05/2007 4.40.8.1)
"75E902C9B20895327D1E6BF88286F8CC614B7245" = Balíček ovladače systému Windows - Sony Ericsson (s0016bus) USB (04/24/2008 4.44.2.0)
"7D74DC13D399488BE61FE2D0C92555961BE47BEE" = Balíček ovladače systému Windows - Sony Ericsson (s916mdm) Modem (09/05/2007 4.40.8.1)
"81F81A8A63F4CC87AE4982DB853BC382E55C1A4C" = Balíček ovladače systému Windows - Sony Ericsson (s1018unic) USB (03/19/2009 4.50.3.8)
"8A7F5671EC779A9A82F2E6209E43A4E0C1816E02" = Balíček ovladače systému Windows - Sony Ericsson (a016bus) USB (10/23/2007 4.42.0.0)
"8D269E962B10AF71808080CF7F33CC94772B1446" = Balíček ovladače systému Windows - Sony Ericsson (s0016unic) USB (04/24/2008 4.44.2.0)
"9242EC6DBC52A93FDA84B5FE2B02653CEA3D98AE" = Balíček ovladače systému Windows - Sony Ericsson (s1039mdm) Modem (03/05/2010 5.02.0.2)
"96AED80AC6A53E68E8699AB48F8AF24C84C7615C" = Balíček ovladače systému Windows - Sony Ericsson Image (05/25/2009 1.0.1029.2)
"9D436EB62113A1B8D4005A5FF7972FA212310015" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (03/26/2007 1.0)
"A48268F8402FB24EA6170A60F5983FB76490F8AA" = Balíček ovladače systému Windows - Sony Ericsson (s1029mdm) Modem (05/20/2009 4.50.7.1)
"A50817ADD6FCBB0F8698362990089F725794BF68" = Balíček ovladače systému Windows - Sony Ericsson (s916obex) Ports (09/05/2007 4.40.8.1)
"AA95F906B038B74C48CE136D1E4807F7CAC19AE4" = Balíček ovladače systému Windows - Sony Ericsson (s1039obex) Ports (03/05/2010 5.02.0.2)
"AAA1C5FD85F0DB2A12BC54F4F54474B941E09678" = Balíček ovladače systému Windows - Sony Ericsson (s1029obex) Ports (05/20/2009 4.50.7.1)
"ADA4E68BF676A857D1E0709BB35F7F6429668027" = Balíček ovladače systému Windows - Sony Ericsson (s1039mgmt) Ports (03/05/2010 5.02.0.2)
"AFCC6BDFC2FB2718653394000206D98BECAAC196" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrbus) USB (12/26/2007 4.40.6.0)
"B2266955B3401017D8B83D9CAF4EB5EB9F4D0897" = Balíček ovladače systému Windows - Sony Ericsson (s0016nd5) Net (04/24/2008 4.44.2.0)
"B435435D376F485661EFD193425286C49D67E5C3" = Balíček ovladače systému Windows - Sony Ericsson (s1029unic) USB (05/20/2009 4.50.7.1)
"C1C66E8B6A1F5FEA6A4BD682014FA9E74B9B3D21" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrceb) System (12/26/2007 4.40.6.0)
"C9679607CAD739A6F2468D9FA3B23E6825535AE9" = Balíček ovladače systému Windows - Sony Ericsson (se3eobex) Ports (04/10/2007 4.40.2.0)
"CA03B33EE331A54BD1E0401C924B76C6BE073CE5" = Balíček ovladače systému Windows - Sony Ericsson Image (03/25/2009 1.0.1018.7)
"CA4B4019807155E4031A3E9EA29D8D3B29E9AED3" = Balíček ovladače systému Windows - Sony Ericsson (s1039bus) USB (03/05/2010 5.02.0.2)
"CCleaner" = CCleaner
"CF7C7CDF0D9B1E9060AF7ACF8799ECAA751939EF" = Balíček ovladače systému Windows - Sony Ericsson (s0017mdm) Modem (10/01/2008 4.50.3.0)
"DBDCD462675537E6100CD8C8CF596F8719E36722" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB Image (10/28/2009 1.0.5.1)
"DE0847AF689430C84177751A3AB96DCE27768B4D" = Balíček ovladače systému Windows - Sony Ericsson (s916bus) USB (09/05/2007 4.40.8.1)
"DE63012B1E5F3E285AE7085001B9FAA11C715ABC" = Balíček ovladače systému Windows - Sony Ericsson (s1018mgmt) Ports (03/19/2009 4.50.3.8)
"E4B0822B08012168DF40F5D97B91A18C81F791F2" = Balíček ovladače systému Windows - Sony Ericsson (s0017obex) Ports (10/01/2008 4.50.3.0)
"E505647D47DAF2622883E65DD8BF04C393FDCDCB" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB USB (12/26/2007 4.40.6.0)
"E797F532099E0E303F01468443198C5B5CABBDD5" = Balíček ovladače systému Windows - Sony Ericsson (s1018nd5) Net (03/19/2009 4.50.3.8)
"F33D7CFC00F5F23AB61B26F60D76965B226EB223" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrsce) Ports (12/26/2007 4.40.6.0)
"F4268692E420234745EDD92C0DC1C84D4C2066FC" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (usbser) Modem (10/28/2009 1.0.5.1)
"FCCEA9CB401AFFF1FD9C03E20273628B00BCF2C2" = Balíček ovladače systému Windows - Sony Ericsson (s1018bus) USB (03/19/2009 4.50.3.8)
"FF230A83312D8BE69110F99FCD33E0F71378A140" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/29/2007 1.2)
"FFE433FB002FF1581FDC39452713A90091DA0306" = Balíček ovladače systému Windows - Sony Ericsson (s0017unic) USB (10/01/2008 4.50.3.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Software Informer_is1" = Software Informer 1.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{11AB0134-444D-4309-8EB9-319FB342D372}" = Garmin Express Tray
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1BCF995D-78B8-4883-BC8E-D7A32BB463DA}" = Windows Live Messenger
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage® II: Freya (High Five)
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{25CFEF55-A945-41FC-86ED-76469F31DF37}" = Nokia Connectivity Cable Driver
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2EEA2C37-4E7D-4C47-B141-9D00D49B0B3C}" = Elevated Installer
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}" = MSI Software Install
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34B61214-F4D3-4449-A918-F52A36FB2F71}" = msi LED Manager
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F4A829D-C564-43BA-BA77-033A23160F2A}" = Garmin Update Service
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{805685AA-89CB-4565-BCF7-67E73C6DBE75}" = Garmin Express
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{84249940-76C0-4BFB-BE02-161EEF0286A0}" = NVIDIA Overclock Tool
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}" = TuneUp Utilities Language Pack (en-US)
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BE38545B-08F7-4f80-95AE-752B99BF159C}" = IPWireless Drivers
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C13926BE-159B-4494-BEEC-AB6E207F70AD}" = Cinema ProII Setup
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA5597C9-9216-44FF-9670-D1E48817B998}" = MSI HOUSE
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{f8045cae-2c45-445b-a15b-f77ffe0f1956}" = Garmin Express
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any Video Converter_is1" = Any Video Converter 3.5.8
"avast" = avast! Internet Security
"BS_Player Toolbar" = BS_Player Toolbar
"BSPlayerf" = BS.Player FREE
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"MP Navigator EX 1.2" = Canon MP Navigator EX 1.2
"OpenAL" = OpenAL
"Registrace uživatele zařízení Canon MP190 series" = Registrace uživatele zařízení Canon MP190 series
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"Sweet Home 3D_is1" = Sweet Home 3D version 4.0
"The KMPlayer" = The KMPlayer (remove only)
"T-Mobile Communication Centre" = Web'n'walk Manager
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"4058901644.www.mstv.cz" = Microsoft TV
"9cacf7c1309087bd" = Soul-Aion Launcher
"MyFreeCodec" = MyFreeCodec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2501589294-1295643304-3595942231-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"4058901644.www.mstv.cz" = Microsoft TV
"9cacf7c1309087bd" = Soul-Aion Launcher
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/29/2013 1:54:32 AM | Computer Name = Aldair-MSI | Source = WinMgmt | ID = 10
Description =

Error - 5/29/2013 7:01:35 AM | Computer Name = Aldair-MSI | Source = Application Error | ID = 1000
Description = Název chybující aplikace: regsvr32.exe, verze: 6.1.7600.16385, časové
razítko: 0x4a5bca28 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc000041d Posun chyby: 0x772f1221 ID chybujícího procesu:
0x1330 Čas spuštění chybující aplikace: 0x01ce5c5be2402f02 Cesta k chybující aplikaci:
C:\windows\SysWOW64\regsvr32.exe Cesta k chybujícímu modulu: unknown ID zprávy: 2065088e-c84f-11e2-ba87-6c626d344700

Error - 5/29/2013 7:01:40 AM | Computer Name = Aldair-MSI | Source = Application Error | ID = 1000
Description = Název chybující aplikace: regsvr32.exe, verze: 6.1.7600.16385, časové
razítko: 0x4a5bca28 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc000041d Posun chyby: 0x772f1221 ID chybujícího procesu:
0x454 Čas spuštění chybující aplikace: 0x01ce5c5be590ed10 Cesta k chybující aplikaci:
C:\windows\SysWOW64\regsvr32.exe Cesta k chybujícímu modulu: unknown ID zprávy: 234f3b1b-c84f-11e2-ba87-6c626d344700

[ System Events ]
Error - 5/29/2013 1:54:28 AM | Computer Name = Aldair-MSI | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby ICQ Service bylo dosaženo časového
limitu (30000 ms).

Error - 5/29/2013 9:05:10 AM | Computer Name = Aldair-MSI | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

< End of report >

Martin(x) · #63 Příspěvek od **Martin(x)** » 30 kvě 2013 11:05

a zde je 2 log na dvě části 1/2
OTL logfile created on: 5/29/2013 6:17:56 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aldair\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5.98 Gb Total Physical Memory | 3.89 Gb Available Physical Memory | 65.09% Memory free
11.95 Gb Paging File | 9.39 Gb Available in Paging File | 78.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 142.91 Gb Total Space | 88.58 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 181.28 Gb Total Space | 24.20 Gb Free Space | 13.35% Space Free | Partition Type: NTFS
Drive F: | 129.00 Gb Total Space | 126.84 Gb Free Space | 98.32% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 29.21 Gb Free Space | 6.27% Space Free | Partition Type: NTFS

Computer Name: ALDAIR-MSI | User Name: Aldair | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/05/29 18:15:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aldair\Desktop\OTL.exe
PRC - [2013/05/29 04:47:25 | 000,360,512 | ---- | M] (eSafe Security Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013/05/23 07:44:09 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/05/16 20:45:43 | 000,418,896 | ---- | M] (337 Technology Limited.) -- C:\Program Files (x86)\Desk 365\deskSvc.exe
PRC - [2013/05/16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/03/07 01:32:42 | 000,136,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013/02/19 14:14:14 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2012/12/20 11:44:32 | 000,844,296 | ---- | M] (Samsung) -- C:\Program Files (x86)\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/08/22 16:59:57 | 000,123,320 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2012/07/13 17:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/03/02 18:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2011/03/30 23:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/03/30 23:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/01/25 23:33:48 | 000,200,192 | ---- | M] (Micro-Star Int'l Co., Ltd.) -- C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
PRC - [2010/11/19 00:49:16 | 001,351,680 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
PRC - [2010/11/05 20:03:56 | 002,482,176 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
PRC - [2010/10/20 23:29:52 | 000,083,456 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
PRC - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MSIService.exe
PRC - [2008/01/22 10:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/05/23 07:44:07 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll
MOD - [2013/05/23 07:44:06 | 013,136,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
MOD - [2013/05/23 07:43:59 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
MOD - [2013/05/23 07:43:06 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\libglesv2.dll
MOD - [2013/05/23 07:43:05 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\libegl.dll
MOD - [2013/05/23 07:43:03 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MOD - [2013/05/16 16:21:30 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll
MOD - [2013/05/16 16:21:18 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/16 16:21:11 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll
MOD - [2013/05/16 16:21:03 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/16 16:21:00 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/02/16 10:21:35 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013/01/09 07:49:07 | 000,226,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f3c2e63623f7a64a35e3dd746b90edbc\PresentationFramework.Classic.ni.dll
MOD - [2013/01/09 07:48:48 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 07:48:08 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 07:47:49 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/09 07:47:41 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 07:47:31 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010/11/13 04:00:59 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/05/04 19:59:00 | 000,182,272 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL

========== Services (SafeList) ==========

SRV:64bit: - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/03/07 01:32:42 | 000,136,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2012/09/17 11:56:36 | 000,037,216 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/29 04:47:25 | 000,360,512 | ---- | M] (eSafe Security Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (eSafeSvc)
SRV - [2013/05/16 20:45:43 | 000,418,896 | ---- | M] (337 Technology Limited.) [Auto | Running] -- C:\Program Files (x86)\Desk 365\deskSvc.exe -- (desksvc)
SRV - [2013/05/16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/15 10:20:32 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/19 14:14:14 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2012/09/17 11:56:40 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/09/17 11:56:36 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012/08/22 16:59:57 | 000,123,320 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2012/07/13 17:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/07/13 14:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/02 18:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\SAMSUNG\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012/03/02 18:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\SAMSUNG\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011/07/20 08:55:02 | 000,247,872 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2011/03/30 23:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/03/30 23:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/03/30 23:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/07/17 01:39:32 | 000,012,800 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe -- (MSI Foundation Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/22 10:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys -- (MGHwCtrl)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/03/07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/03/07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/03/07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/07 01:33:20 | 000,263,096 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2013/03/07 01:33:20 | 000,127,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2013/03/07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/03/07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/03/07 01:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/02/25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/02/12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/09/20 06:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/09/20 06:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 16:54:51 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011/11/24 23:08:47 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/09/09 12:51:36 | 000,218,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2011/09/09 12:51:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011/09/09 12:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011/09/09 12:51:00 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/08/19 22:36:44 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/19 22:36:44 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/23 03:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/03/08 23:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/03/08 23:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/01/13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/04 05:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/11/30 08:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/27 10:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010/06/23 11:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/06/07 13:25:28 | 000,052,224 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_xp64.sys -- (fspad_xp64)
DRV:64bit: - [2010/06/07 13:25:28 | 000,052,224 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2010/04/27 03:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/04/27 03:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/03/20 13:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2009/11/18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/10/10 10:10:18 | 000,089,088 | ---- | M] (IPWireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipw3gnet.sys -- (IpwP)
DRV:64bit: - [2008/05/16 12:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:64bit: - [2008/05/16 12:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic)
DRV:64bit: - [2008/05/16 12:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV:64bit: - [2008/05/16 12:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:64bit: - [2008/05/16 12:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5)
DRV:64bit: - [2008/05/16 12:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:64bit: - [2008/05/16 12:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus)
DRV - [2012/08/29 16:42:28 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{2BDAE77B-DDFE-4B9B-A490-C832AFB44522}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source= ... ts=4325432
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{2BDAE77B-DDFE-4B9B-A490-C832AFB44522}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {2BDAE77B-DDFE-4B9B-A490-C832AFB44522}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {2BDAE77B-DDFE-4B9B-A490-C832AFB44522}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" =
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{AE196BA9-6603-4851-967D-6B7FF31A23E5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{2BDAE77B-DDFE-4B9B-A490-C832AFB44522}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... earchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" =
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{AE196BA9-6603-4851-967D-6B7FF31A23E5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{C7EA89EC-BEBB-44B6-841B-909DB8830558}: "URL" = http://websearch.ask.com/redirect?clien ... 58661439B7
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Aldair\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/27 19:52:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 22:27:31 | 000,000,000 | ---D | M]

[2011/12/25 17:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aldair\AppData\Roaming\Mozilla\Extensions
[2012/07/14 12:14:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aldair\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013/05/07 21:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aldair\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013/05/27 19:42:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/12 19:43:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Disk Google = C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Flash Player V15.0 = C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gompblemgafijijmlgbaepcijfgfgljf\13.5_0\
CHR - Extension: Gmail = C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/05/18 09:34:08 | 000,000,086 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 85.207.44.8 L2authd.Lineage2.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe (Micro-Star Int'l Co., Ltd.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe (MSI)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000..\Run: [] C:\Program Files (x86)\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004..\Run: [] C:\Program Files (x86)\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004..\Run: [Facebook Update] C:\Users\Aldair\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004..\Run: [T-Mobile Communication Centre] C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{553BDE1A-5D5B-79D7-FE42-B3E1C3C46347}: NameServer = 93.153.117.33 93.153.117.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59BA2C05-537E-43E2-940B-4F1338540DB2}: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A224EC8-8891-422E-BF8B-F23713350F70}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7607AF7-D5F9-4F9F-9964-DB4E4CE80D53}: DhcpNameServer = 192.168.3.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/17 17:24:28 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{197d7420-a814-11e2-9be2-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{197d7420-a814-11e2-9be2-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{197d76aa-a814-11e2-9be2-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{197d76aa-a814-11e2-9be2-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{197d7717-a814-11e2-9be2-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{197d7717-a814-11e2-9be2-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{6b01aab6-a6fe-11e1-bc48-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{6b01aab6-a6fe-11e1-bc48-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{a4aad9ce-b207-11e1-bf95-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{a4aad9ce-b207-11e1-bf95-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{b6ebfd33-a50a-11e1-bf34-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{b6ebfd33-a50a-11e1-bf34-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{be67a293-83a9-11e1-ae62-6c626d344700}\Shell - "" = AutoRun
O33 - MountPoints2\{be67a293-83a9-11e1-ae62-6c626d344700}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{ec74b072-7807-11e1-ae97-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{ec74b072-7807-11e1-ae97-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{ec74b086-7807-11e1-ae97-dca9713d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{ec74b086-7807-11e1-ae97-dca9713d0937}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sh4native Sh4Removal)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/05/29 18:15:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Aldair\Desktop\OTL.exe
[2013/05/29 15:16:09 | 000,000,000 | ---D | C] -- C:\Users\Aldair\Desktop\2013_05_29
[2013/05/28 16:30:02 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/05/28 16:29:54 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/27 20:05:07 | 000,029,536 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\uxtuneup.dll
[2013/05/27 20:05:06 | 000,037,216 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\uxtuneup.dll
[2013/05/27 19:25:05 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\TURegOpt.exe
[2013/05/27 19:25:04 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\authuitu.dll
[2013/05/27 19:25:04 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\authuitu.dll
[2013/05/27 19:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013/05/27 19:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013/05/27 19:20:24 | 000,000,000 | ---D | C] -- C:\Users\Aldair\AppData\Roaming\Python-Eggs
[2013/05/27 19:20:19 | 000,000,000 | ---D | C] -- C:\Users\Aldair\AppData\Roaming\BitLord
[2013/05/27 19:20:12 | 000,000,000 | ---D | C] -- C:\Users\Aldair\Documents\BitLord
[2013/05/27 16:45:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/05/27 16:39:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/05/27 12:20:23 | 000,000,000 | ---D | C] -- C:\Users\Aldair\Desktop\2013_05_27
[2013/05/26 19:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013/05/26 19:19:35 | 000,000,000 | ---D | C] -- C:\rsit
[2013/05/26 18:50:01 | 000,000,000 | ---D | C] -- C:\Users\Aldair\Desktop\2013_05_26
[2013/05/26 12:06:41 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/05/26 12:06:41 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/05/26 12:06:41 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/05/26 12:06:41 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/05/26 12:06:41 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/05/26 12:06:41 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/05/26 12:06:41 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/05/26 12:06:41 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/05/26 12:06:41 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/05/26 12:06:41 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/05/26 12:06:41 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/05/26 12:06:41 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/05/26 12:06:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/05/26 12:06:41 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/05/26 12:06:41 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/05/26 12:06:41 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/05/26 12:06:41 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/05/26 12:06:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/05/26 12:06:41 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/05/26 12:06:41 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/05/26 12:06:41 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/05/26 12:06:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/05/26 12:06:41 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/05/26 12:06:41 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/05/26 12:06:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/05/26 12:06:41 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/05/26 12:06:41 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/05/26 12:06:41 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/05/26 12:06:41 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/05/26 12:06:41 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/05/26 12:06:41 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/05/26 12:06:41 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/05/26 12:06:41 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/05/26 12:06:41 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/05/26 12:06:41 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/05/26 12:06:41 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/05/26 12:06:41 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/05/26 12:06:41 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/05/26 12:06:41 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/05/26 12:06:41 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/05/26 12:06:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/05/26 12:06:41 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/05/26 12:06:41 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/05/26 12:06:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/05/26 12:06:41 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/05/26 12:06:41 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/05/26 12:06:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/05/26 12:06:41 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/05/26 12:06:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/05/26 12:06:41 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/05/26 12:06:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/26 12:06:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/05/26 12:06:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/05/26 12:06:41 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/05/26 12:06:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/05/26 12:06:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/05/26 12:06:41 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/05/26 12:06:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/05/26 12:06:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/05/26 12:06:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/05/26 12:06:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/05/26 12:06:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/05/26 12:06:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/05/26 12:06:41 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/05/26 12:06:41 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/05/26 12:06:41 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/05/26 12:06:41 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/05/26 12:06:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/05/26 12:00:38 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2013/05/26 10:10:41 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\WavesGUILib64.dll
[2013/05/26 10:10:41 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSX64.dll
[2013/05/26 10:10:41 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSH64.dll
[2013/05/26 10:10:41 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSHP64.dll
[2013/05/26 10:10:41 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSWOW64.dll
[2013/05/26 10:10:39 | 001,561,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTSnMg64.cpl
[2013/05/26 10:10:38 | 002,743,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtPgEx64.dll
[2013/05/26 10:10:38 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtlCPAPI64.dll
[2013/05/26 10:10:37 | 003,643,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkAPO64.dll
[2013/05/26 10:10:37 | 001,267,856 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTCOM64.dll
[2013/05/26 10:10:37 | 000,881,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkApi64.dll
[2013/05/26 10:10:37 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEP64A.dll
[2013/05/26 10:10:37 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEED64A.dll
[2013/05/26 10:10:37 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkCfg64.dll
[2013/05/26 10:10:37 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEL64A.dll
[2013/05/26 10:10:37 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEG64A.dll
[2013/05/26 10:10:37 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkCoLDR64.dll
[2013/05/26 10:10:36 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DHT64.dll
[2013/05/26 10:10:36 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DAA64.dll
[2013/05/26 10:10:36 | 000,114,832 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RCoInstII64.dll
[2013/05/26 10:10:33 | 000,628,064 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\MBTHX64.dll
[2013/05/26 10:10:33 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\MBWrp64.dll
[2013/05/26 10:10:32 | 000,563,552 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysWow64\MBTHX32.dll
[2013/05/26 10:10:32 | 000,032,344 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\drivers\MBfilt64.sys
[2013/05/26 10:10:29 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioEQ64.dll
[2013/05/26 10:10:28 | 000,834,936 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPOShell64.dll
[2013/05/26 10:10:27 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO20.dll
[2013/05/26 10:10:14 | 002,535,008 | ---- | C] (Fortemedia Corporation) -- C:\windows\SysNative\FMAPO64.dll
[2013/05/26 10:10:09 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013/05/26 10:10:07 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAC64.dll
[2013/05/26 10:10:07 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAR64.dll
[2013/05/26 10:09:50 | 000,000,000 | ---D | C] -- C:\Users\Aldair\AppData\Local\CrashDumps
[2013/05/26 10:09:38 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2013/05/26 10:09:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/05/25 22:25:33 | 000,000,000 | ---D | C] -- C:\Users\Aldair\AppData\Local\Adobe
[2013/05/25 09:38:34 | 000,000,000 | ---D | C] -- C:\Users\Aldair\AppData\Roaming\Malwarebytes
[2013/05/25 09:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/05/23 20:06:26 | 000,000,000 | ---D | C] -- C:\Users\Aldair\AppData\Local\NVIDIA
[2013/05/23 20:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/05/23 20:01:05 | 027,775,776 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
[2013/05/23 20:01:05 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
[2013/05/23 20:01:05 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2013/05/23 20:01:05 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvopencl.dll
[2013/05/23 20:01:05 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvopencl.dll
[2013/05/23 20:01:05 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvIFR64.dll
[2013/05/23 20:01:05 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvIFR.dll
[2013/05/23 20:01:05 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvhda64v.sys
[2013/05/23 20:01:05 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdap64.dll
[2013/05/23 20:01:04 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcompiler.dll
[2013/05/23 20:01:04 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcompiler.dll
[2013/05/23 20:01:04 | 015,143,904 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvd3dumx.dll
[2013/05/23 20:01:04 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
[2013/05/23 20:01:04 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
[2013/05/23 20:01:04 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
[2013/05/23 20:01:04 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
[2013/05/23 20:01:04 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvenc.dll
[2013/05/23 20:01:04 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvenc.dll
[2013/05/23 20:01:04 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco6432018.dll
[2013/05/23 20:01:04 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispgenco6432018.dll
[2013/05/23 20:01:04 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvFBC64.dll
[2013/05/23 20:01:04 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvFBC.dll
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

Martin(x) · #64 Příspěvek od **Martin(x)** » 30 kvě 2013 11:07

a zde je 2 log na dvě části 2/2

[2013/05/29 18:21:01 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000UA.job
[2013/05/29 18:20:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/05/29 18:19:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/05/29 18:15:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aldair\Desktop\OTL.exe
[2013/05/29 17:24:00 | 000,000,952 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/29 10:24:00 | 000,000,948 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/29 09:21:04 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000Core.job
[2013/05/29 08:01:39 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/29 08:01:39 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/29 07:52:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/05/28 13:55:29 | 000,562,960 | ---- | M] () -- C:\Users\Aldair\Desktop\kuk.pdf
[2013/05/27 19:29:35 | 000,000,218 | ---- | M] () -- C:\Users\Aldair\AppData\Local\recently-used.xbel
[2013/05/27 19:15:41 | 001,585,302 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/05/27 19:15:41 | 000,669,736 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2013/05/27 19:15:41 | 000,655,090 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/05/27 19:15:41 | 000,141,336 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2013/05/27 19:15:41 | 000,121,962 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/05/26 12:06:41 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/05/26 12:06:41 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/05/26 12:06:41 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/05/26 12:06:41 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/05/26 12:06:41 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/05/26 12:06:41 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/05/26 12:06:41 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/05/26 12:06:41 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/05/26 12:06:41 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/05/26 12:06:41 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/05/26 12:06:41 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/05/26 12:06:41 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/05/26 12:06:41 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/05/26 12:06:41 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/05/26 12:06:41 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/05/26 12:06:41 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/05/26 12:06:41 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/05/26 12:06:41 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/05/26 12:06:41 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/05/26 12:06:41 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/05/26 12:06:41 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/05/26 12:06:41 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/05/26 12:06:41 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/05/26 12:06:41 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/05/26 12:06:41 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/05/26 12:06:41 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/05/26 12:06:41 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/05/26 12:06:41 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/05/26 12:06:41 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/05/26 12:06:41 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/05/26 12:06:41 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/05/26 12:06:41 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/05/26 12:06:41 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/05/26 12:06:41 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/05/26 12:06:41 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/05/26 12:06:41 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/05/26 12:06:41 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/05/26 12:06:41 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/05/26 12:06:41 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/05/26 12:06:41 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/05/26 12:06:41 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/05/26 12:06:41 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/05/26 12:06:41 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/05/26 12:06:41 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/05/26 12:06:41 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/05/26 12:06:41 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/05/26 12:06:41 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/05/26 12:06:41 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/05/26 12:06:41 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/05/26 12:06:41 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/05/26 12:06:41 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/26 12:06:41 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/05/26 12:06:41 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/05/26 12:06:41 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/05/26 12:06:41 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/05/26 12:06:41 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/05/26 12:06:41 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/05/26 12:06:41 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/05/26 12:06:41 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/05/26 12:06:41 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/05/26 12:06:41 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/05/26 12:06:41 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/05/26 12:06:41 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/05/26 12:06:41 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/05/26 12:06:41 | 000,025,185 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/05/26 12:06:41 | 000,025,185 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/05/26 12:06:41 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/05/26 12:06:41 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/05/26 12:06:41 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/05/26 12:06:41 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/29 18:19:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/05/28 13:55:29 | 000,562,960 | ---- | C] () -- C:\Users\Aldair\Desktop\kuk.pdf
[2013/05/27 19:29:35 | 000,000,218 | ---- | C] () -- C:\Users\Aldair\AppData\Local\recently-used.xbel
[2013/05/27 19:25:03 | 000,002,206 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013/05/26 12:06:41 | 000,025,185 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/05/26 12:06:41 | 000,025,185 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/05/26 10:10:36 | 000,339,157 | ---- | C] () -- C:\windows\SysNative\drivers\RTAIODAT.DAT
[2013/05/17 19:41:41 | 000,014,232 | ---- | C] () -- C:\windows\SysWow64\sh4native.exe
[2012/11/28 15:17:24 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2012/11/28 15:17:18 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2012/11/28 15:17:18 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2012/11/28 15:17:18 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2012/11/28 15:17:18 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2012/04/09 16:39:01 | 000,120,200 | ---- | C] () -- C:\windows\SysWow64\DLLDEV32i.dll
[2012/01/31 17:14:47 | 000,081,408 | ---- | C] () -- C:\Users\Aldair\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/27 11:11:36 | 000,030,601 | ---- | C] () -- C:\Users\Aldair\x.exe
[2011/12/24 16:30:21 | 000,000,384 | ---- | C] () -- C:\windows\ODBC.INI
[2011/11/24 20:21:22 | 001,564,460 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/08/19 23:19:06 | 000,001,200 | ---- | C] () -- C:\windows\THXCfg_SP_APOIM.ini
[2011/08/19 23:19:06 | 000,001,099 | ---- | C] () -- C:\windows\THXCfg_HP_APOIM.ini
[2011/08/19 23:19:06 | 000,001,099 | ---- | C] () -- C:\windows\THXCfg_APOIM.ini
[2011/08/19 23:19:05 | 000,182,272 | ---- | C] () -- C:\windows\SysWow64\APOMngr.DLL
[2011/08/19 23:19:05 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\CmdRtr.DLL

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/15 21:01:19 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\AnvSoft
[2013/05/27 19:29:18 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\BitLord
[2013/05/25 15:06:14 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\BSplayer
[2011/11/24 19:30:51 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\BSplayer Pro
[2013/05/03 15:42:30 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Canon
[2013/05/17 17:16:22 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\DAEMON Tools Lite
[2013/05/29 12:56:02 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\eIntaller
[2013/02/28 18:32:28 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Garmin
[2012/03/24 01:58:30 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\GSA Targeted Email Finder
[2013/02/23 21:40:02 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\ICQ
[2013/04/13 10:06:04 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\IMSI
[2012/04/09 16:41:04 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\MAGIX
[2012/03/10 14:15:50 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\MSI
[2011/12/22 19:17:45 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Mumble
[2013/01/18 10:46:03 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\MusicNet
[2012/05/03 20:14:53 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Notebook Hardware Control
[2012/03/30 14:31:04 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Passware
[2013/05/27 19:20:24 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Python-Eggs
[2011/12/01 20:25:46 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Rovio
[2011/12/24 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\runic games
[2012/12/21 22:11:14 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Samsung
[2012/04/01 09:49:34 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/24 09:55:17 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\TERA
[2013/01/30 15:13:07 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\TS3Client
[2011/12/17 19:22:52 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\ts3overlay
[2013/05/27 20:03:11 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\TuneUp Software
[2013/03/10 19:53:03 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Ulozto File Manager
[2013/05/27 20:22:42 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\uTorrent
[2013/01/19 20:56:47 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Wargaming.net
[2013/05/02 10:22:54 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Yandex

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,522 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011/12/25 10:45:07 | 000,000,948 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/12/25 10:45:08 | 000,000,952 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/01 08:30:06 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013/03/09 10:16:52 | 000,000,910 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000Core.job
[2013/03/09 10:16:53 | 000,000,932 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000UA.job

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/08/19 22:37:40 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/19 22:37:40 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/08/19 22:37:40 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/19 22:37:40 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/19 22:37:40 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/08/19 22:37:40 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/08/19 22:38:50 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\windows\SysNative\drivers\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/08/19 22:38:50 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\RE_DRIVE\RECOVERYCD_ISO\RECOVERY_DVD\*.tmp files -> C:\windows\RE_DRIVE\RECOVERYCD_ISO\RECOVERY_DVD\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
[4 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/03/17 10:47:22 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Adobe
[2012/04/01 09:49:34 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Adobe Mini Bridge CS5
[2012/04/15 21:01:19 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\AnvSoft
[2013/05/27 19:29:18 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\BitLord
[2013/05/25 15:06:14 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\BSplayer
[2011/11/24 19:30:51 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\BSplayer Pro
[2013/05/03 15:42:30 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Canon
[2013/05/17 17:16:22 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\DAEMON Tools Lite
[2013/03/30 14:05:32 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\dvdcss
[2013/05/29 12:56:02 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\eIntaller
[2013/02/28 18:32:28 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Garmin
[2012/04/20 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Google
[2012/03/24 01:58:30 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\GSA Targeted Email Finder
[2013/02/23 21:40:02 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\ICQ
[2011/11/24 18:09:55 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Identities
[2013/04/13 10:06:04 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\IMSI
[2011/12/22 20:41:56 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\InstallShield
[2011/11/24 18:10:18 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Intel Corporation
[2011/11/24 21:22:46 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Macromedia
[2012/04/09 16:41:04 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\MAGIX
[2013/05/25 09:38:34 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Malwarebytes
[2011/08/19 22:06:43 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Media Center Programs
[2013/05/18 10:09:05 | 000,000,000 | --SD | M] -- C:\Users\Aldair\AppData\Roaming\Microsoft
[2011/12/24 16:27:15 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Microsoft Web Folders
[2011/11/24 19:20:32 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Mozilla
[2012/03/10 14:15:50 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\MSI
[2011/12/22 19:17:45 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Mumble
[2013/01/18 10:46:03 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\MusicNet
[2013/02/09 12:21:27 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Nero
[2012/05/03 20:14:53 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Notebook Hardware Control
[2011/11/25 23:09:55 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\NVIDIA
[2012/03/30 14:31:04 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Passware
[2013/05/27 19:20:24 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Python-Eggs
[2011/12/01 20:25:46 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Rovio
[2011/12/24 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\runic games
[2012/12/21 22:11:14 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Samsung
[2013/01/18 14:21:19 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Skype
[2012/04/01 09:49:34 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/24 09:55:17 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\TERA
[2013/01/30 15:13:07 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\TS3Client
[2011/12/17 19:22:52 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\ts3overlay
[2013/05/27 20:03:11 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\TuneUp Software
[2013/03/10 19:53:03 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Ulozto File Manager
[2013/05/27 20:22:42 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\uTorrent
[2011/11/25 23:00:06 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Ventrilo
[2013/03/30 14:06:36 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\vlc
[2013/01/19 20:56:47 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Wargaming.net
[2013/05/02 10:22:54 | 000,000,000 | ---D | M] -- C:\Users\Aldair\AppData\Roaming\Yandex

< %APPDATA%\*.exe /s >
[2009/08/11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010/02/23 18:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013/05/29 12:56:05 | 000,847,352 | ---- | M] (DealPly Technologies Ltd.) -- C:\Users\Aldair\AppData\Roaming\eIntaller\2B89E6399918491e9F42B73043AAD556\dp.exe
[2013/05/29 12:56:24 | 000,698,424 | ---- | M] (eXQ Co., Ltd.) -- C:\Users\Aldair\AppData\Roaming\eIntaller\2B89E6399918491e9F42B73043AAD556\eXQ.exe
[2013/05/29 13:01:02 | 000,295,934 | ---- | M] () -- C:\Users\Aldair\AppData\Roaming\eIntaller\2B89E6399918491e9F42B73043AAD556\WinZipper.exe
[2013/05/08 19:51:48 | 004,538,960 | ---- | M] (337 Technology Limited.) -- C:\Users\Aldair\AppData\Roaming\eIntaller\AD8BBA6EAB5D4d83866B875120E6A863\Desk365.exe
[2013/05/16 20:45:23 | 000,360,512 | ---- | M] (eSafe Security Co., Ltd.) -- C:\Users\Aldair\AppData\Roaming\eIntaller\AD8BBA6EAB5D4d83866B875120E6A863\eGdpSvc.exe
[2013/05/16 20:45:24 | 000,698,424 | ---- | M] (eXQ Co., Ltd.) -- C:\Users\Aldair\AppData\Roaming\eIntaller\AD8BBA6EAB5D4d83866B875120E6A863\eXQ.exe
[2012/12/20 11:44:36 | 000,602,120 | ---- | M] (ml) -- C:\Users\Aldair\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012/12/20 11:44:36 | 000,602,120 | ---- | M] (ml) -- C:\Users\Aldair\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013/05/29 18:20:00 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013/05/29 09:21:04 | 000,000,910 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000Core.job
[2013/05/29 18:21:01 | 000,000,932 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000UA.job
[2013/05/29 10:24:00 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/05/29 18:24:02 | 000,000,952 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2012/12/20 11:44:32 | 000,844,296 | ---- | M] (Samsung)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/05/26 12:06:41 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013/05/23 07:44:09 | 000,825,808 | ---- | M] (Google Inc.) MD5=51C392EC9DA1119EC86D562FF3E7344F -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/05/29 18:19:31 | 000,000,512 | ---- | M] () MD5=34ABF95A843382160B042094D1F33E6A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013/05/27 19:17:25 | 000,638,688 | ---- | M] () -- \Download\tuneup_utilities_2013_v13.0.2013.194_including_crack__key_iahq_BitLord.exe
[2013/04/13 08:42:02 | 000,018,229 | ---- | M] () -- \Users\Aldair\AppData\Roaming\uTorrent\FloorPlan 3D Design Suite 11.0.32 + Crack.torrent
[2013/05/27 16:31:34 | 000,017,402 | ---- | M] () -- \Users\Aldair\AppData\Roaming\uTorrent\TuneUp Utilities 2013 v13.0.3000.138 Incl Crack+Key - {Cyclonoid}.rar.torrent

< *keygen* /s >

< *loader* /s >
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2013/02/19 12:59:22 | 000,044,032 | ---- | M] () -- \Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MyDownloader.Core.dll
[2011/12/23 16:33:23 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011/12/23 16:33:23 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011/12/23 16:33:23 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/01/24 16:50:21 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011/12/23 16:37:03 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2013/05/16 16:41:22 | 001,152,288 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2012/11/01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/11/01 09:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/09/04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/09/04 23:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012/12/20 05:33:50 | 000,069,120 | ---- | M] () -- \Program Files (x86)\SAMSUNG\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/12/22 17:54:23 | 000,927,704 | ---- | M] () -- \Program Files (x86)\SAMSUNG\Kies\External\FirmwareUpdate\GT-I9300\BinaryLoaderMgr.exe
[2012/12/22 17:54:24 | 000,935,384 | ---- | M] () -- \Program Files (x86)\SAMSUNG\Kies\External\FirmwareUpdate\GT-I9300\DeviceDownloader.dll
[2011/12/23 12:13:48 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2013/03/21 12:51:10 | 000,008,321 | ---- | M] () -- \Program Files (x86)\Sweet Home 3D\THIRDPARTY-LICENSE-LOADER3DS.TXT
[2013/03/21 12:51:04 | 000,050,157 | ---- | M] () -- \Program Files (x86)\Sweet Home 3D\lib\Loader3DS1_2u.jar
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2009/09/25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2005/06/07 20:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR 3.61 Multi\RarExtLoader.exe
[2013/05/16 16:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{0D427B57-F031-4FC1-8D8F-649E67EC4315}\ExtensionLoader.dll
[2012/07/26 23:47:04 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/05/15 09:59:24 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/05/15 09:59:24 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011/11/24 23:16:38 | 000,057,728 | ---- | M] () -- \Users\Aldair\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011/11/24 23:16:38 | 000,057,728 | ---- | M] () -- \Users\Aldair\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011/11/24 23:16:38 | 000,057,728 | ---- | M] () -- \Users\Aldair\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011/11/24 23:16:38 | 000,057,728 | ---- | M] () -- \Users\Aldair\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2011/11/24 23:16:38 | 000,057,728 | ---- | M] () -- \Users\Aldair\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2011/11/24 23:16:38 | 000,061,770 | ---- | M] () -- \Users\Aldair\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2011/11/24 23:16:38 | 000,061,770 | ---- | M] () -- \Users\Aldair\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012/08/29 11:39:52 | 000,010,819 | ---- | M] () -- \Users\Aldair\AppData\Local\Temp\ish9612313\images\Loader.gif
[2013/03/25 17:21:00 | 000,388,776 | ---- | M] () -- \Users\Aldair\AppData\Roaming\TERA\launcher\live\downloader.bundle
[2013/03/20 08:02:00 | 000,694,656 | ---- | M] () -- \Users\Aldair\AppData\Roaming\TERA\launcher\live\downloader.dll
[2011/12/18 18:05:37 | 000,010,577 | ---- | M] () -- \Users\Aldair\AppData\Roaming\ts3overlay\logs\RAREXTLOADER.EXE.log
[2012/07/26 23:47:04 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/05/15 09:59:24 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/05/15 09:59:24 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/01/23 20:19:52 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013/05/29 18:15:33 | 000,025,712 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-04169B25.pf
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/19 22:13:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011/08/19 22:13:58 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011/08/19 22:13:58 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011/08/19 22:13:58 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011/08/19 22:13:58 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/08/19 22:34:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/08/19 22:34:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/08/19 22:34:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/08/19 22:34:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/08/19 22:34:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/08/19 22:11:44 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/08/19 22:34:15 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/08/19 22:34:15 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 12 bytes -> C:\Users\Aldair\Documents:{1AA87861-906F-43B3-9815-7429EA2967F9}

< End of report >

#65 Příspěvek od **vyosek** » 01 čer 2013 20:10

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys -- (MGHwCtrl)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{2BDAE77B-DDFE-4B9B-A490-C832AFB44522}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSI2DF&pc=MAM2&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source= ... ts=4325432
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{2BDAE77B-DDFE-4B9B-A490-C832AFB44522}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSI2DF&pc=MAM2&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {2BDAE77B-DDFE-4B9B-A490-C832AFB44522}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {2BDAE77B-DDFE-4B9B-A490-C832AFB44522}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medi ... 1369825292
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" =
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{AE196BA9-6603-4851-967D-6B7FF31A23E5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{2BDAE77B-DDFE-4B9B-A490-C832AFB44522}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?ch_id=em&q={searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" =
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{AE196BA9-6603-4851-967D-6B7FF31A23E5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{C7EA89EC-BEBB-44B6-841B-909DB8830558}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=B352C475-F567-4381-B491-EE0E93E7A1C9&apn_sauid=81B955E4-054E-4E61-8CF2-7A58661439B7
IE - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
O2:64bit: - BHO: (no name) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - No CLSID value found.
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-2501589294-1295643304-3595942231-1004\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013/05/29 18:20:00 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013/05/29 09:21:04 | 000,000,910 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000Core.job
[2013/05/29 18:21:01 | 000,000,932 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501589294-1295643304-3595942231-1000UA.job
[2013/05/29 10:24:00 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/05/29 18:24:02 | 000,000,952 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 12 bytes -> C:\Users\Aldair\Documents:{1AA87861-906F-43B3-9815-7429EA2967F9}

:files
C:\Program Files\Enigma Software Group\
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

preventivní kontrola

Re: preventivní kontrola

Re: preventivní kontrola

Re: preventivní kontrola

Re: preventivní kontrola

Re: preventivní kontrola