Prosím o kontrolu z RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Thomaz at 2013-12-01 12:36:34
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 8 GB (20%) free of 38 GB
Total RAM: 1692 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:36:36, on 1.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\RSIT.exe
C:\Program Files (x86)\trend micro\Thomaz.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.seznam.cz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MSO2007\Office12\GR469A~1.DLL
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\Run: [A9476D6375887E276D5141E740DED5D734FD79AE._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MSO2007\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSO2007\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSO2007\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MSO2007\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MSO2007\Office12\GRA32A~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7496 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\MSO2007\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"A9476D6375887E276D5141E740DED5D734FD79AE._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-11-14 863184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\MSO2007\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0x01000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"VIDC.FMVC"=fmcodec.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2013-12-01 12:34:58 ----D---- C:\rsit
2013-11-29 18:40:11 ----D---- C:\Users\Thomaz\AppData\Roaming\Malwarebytes
2013-11-29 18:40:04 ----D---- C:\ProgramData\Malwarebytes
2013-11-29 16:26:44 ----A---- C:\Windows\Active Setup Log.txt
2013-11-29 16:26:44 ----A---- C:\Windows\Active Setup Log.BAK
2013-11-28 21:29:04 ----D---- C:\Windows\SUA
2013-11-28 21:12:15 ----D---- C:\Program Files (x86)\IrfanView
2013-11-27 14:54:57 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2013-11-27 14:54:57 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-11-27 14:54:55 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2013-11-27 14:54:55 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-11-27 14:54:54 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2013-11-27 14:54:54 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2013-11-27 14:54:54 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2013-11-27 14:54:54 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2013-11-27 14:54:53 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2013-11-27 14:54:53 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-11-27 14:54:52 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2013-11-27 14:54:52 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-11-27 14:54:49 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2013-11-27 14:54:48 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2013-11-27 14:54:48 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-11-27 14:54:47 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2013-11-27 14:54:45 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2013-11-27 14:54:45 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2013-11-27 14:54:45 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2013-11-27 14:54:44 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2013-11-27 14:54:44 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-11-27 14:54:43 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2013-11-27 14:54:43 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-11-27 14:54:43 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2013-11-27 14:54:42 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2013-11-27 14:54:42 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-11-27 14:54:41 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2013-11-27 14:54:41 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2013-11-27 14:54:41 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-11-27 14:54:40 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2013-11-27 14:54:40 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-11-27 14:54:39 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2013-11-27 14:54:39 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-11-27 14:54:38 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-27 14:54:38 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-27 14:54:38 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2013-11-27 14:54:38 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2013-11-27 14:54:38 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-11-27 14:54:37 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2013-11-27 14:54:37 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-11-27 14:54:37 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2013-11-27 14:54:35 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2013-11-27 14:54:35 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-11-27 14:54:35 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2013-11-27 14:54:35 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-11-27 14:54:34 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2013-11-27 14:54:33 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2013-11-27 14:54:32 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2013-11-27 14:54:32 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-11-27 14:54:30 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2013-11-27 14:54:30 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-11-27 14:54:29 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2013-11-27 14:54:27 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2013-11-27 14:54:26 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2013-11-27 14:54:26 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2013-11-27 14:54:26 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2013-11-27 14:54:26 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2013-11-27 14:54:26 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-11-27 14:54:26 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-11-27 14:54:25 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2013-11-27 14:54:24 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2013-11-27 14:54:24 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2013-11-27 14:54:24 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-11-27 14:54:24 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2013-11-27 14:54:24 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2013-11-27 14:54:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-11-27 14:54:23 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2013-11-27 14:54:23 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2013-11-27 14:54:23 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-11-27 14:54:22 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2013-11-27 14:54:21 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2013-11-27 14:54:20 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2013-11-27 14:54:20 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2013-11-27 14:54:19 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2013-11-27 14:54:18 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2013-11-27 14:54:18 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2013-11-27 14:54:18 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2013-11-27 14:54:18 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2013-11-27 14:54:17 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2013-11-27 14:54:16 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2013-11-27 14:54:16 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2013-11-27 14:54:14 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2013-11-27 14:54:06 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2013-11-27 14:54:06 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2013-11-27 14:54:04 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2013-11-27 14:54:02 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2013-11-27 14:54:01 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2013-11-27 14:54:00 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2013-11-27 14:54:00 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2013-11-27 14:53:53 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2013-11-27 14:50:34 ----D---- C:\Windows\SysWOW64\directx
2013-11-27 12:16:17 ----D---- C:\Program Files (x86)\Common Files\MicroWorld
2013-11-25 19:02:05 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2013-11-23 20:01:45 ----D---- C:\Program Files (x86)\trend micro
2013-11-21 13:51:17 ----A---- C:\Windows\SysWOW64\.tmp
2013-11-21 13:42:47 ----D---- C:\Users\Thomaz\AppData\Roaming\PowerISO
2013-11-21 13:31:37 ----D---- C:\Program Files (x86)\WinHex
2013-11-20 17:01:33 ----D---- C:\Users\Thomaz\AppData\Roaming\Ulozto File Manager
2013-11-20 17:01:28 ----D---- C:\Program Files (x86)\Ulozto File Manager
2013-11-20 16:39:53 ----D---- C:\Program Files (x86)\EaseUS
2013-11-19 18:08:06 ----D---- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack 2012
2013-11-19 18:08:05 ----D---- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack
2013-11-19 18:08:05 ----D---- C:\Program Files (x86)\TweakNow PowerPack
2013-11-19 12:50:02 ----D---- C:\Program Files (x86)\Team360h
2013-11-18 20:19:41 ----A---- C:\Windows\SysWOW64\authuitu.dll
2013-11-18 17:21:48 ----ASH---- C:\pagefile.sys
2013-11-17 20:06:54 ----D---- C:\Program Files (x86)\Party City Casino
2013-11-17 19:32:48 ----D---- C:\Windows\PixArt
2013-11-17 14:35:30 ----D---- C:\Program Files (x86)\Datel
2013-11-17 13:42:53 ----D---- C:\Windows\XSxS
2013-11-17 13:42:13 ----D---- C:\Users\Thomaz\AppData\Roaming\Datel
2013-11-15 10:18:09 ----A---- C:\Windows\SysWOW64\ieui.dll
2013-11-15 10:18:08 ----A---- C:\Windows\SysWOW64\iesetup.dll
2013-11-15 10:18:07 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 10:18:07 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2013-11-15 10:18:07 ----A---- C:\Windows\SysWOW64\iertutil.dll
2013-11-15 10:18:07 ----A---- C:\Windows\SysWOW64\iernonce.dll
2013-11-15 10:18:06 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2013-11-15 10:18:05 ----A---- C:\Windows\SysWOW64\jscript.dll
2013-11-15 10:18:03 ----A---- C:\Windows\SysWOW64\urlmon.dll
2013-11-15 10:18:03 ----A---- C:\Windows\SysWOW64\jscript9.dll
2013-11-15 10:18:00 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2013-11-15 10:17:59 ----A---- C:\Windows\SysWOW64\wininet.dll
2013-11-15 10:17:58 ----A---- C:\Windows\SysWOW64\ieframe.dll
2013-11-15 10:17:53 ----A---- C:\Windows\SysWOW64\mshtml.dll
2013-11-14 19:19:52 ----A---- C:\Windows\SysWOW64\crypt32.dll
2013-11-14 19:19:48 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 19:19:48 ----A---- C:\Windows\SysWOW64\credui.dll
2013-11-14 19:19:48 ----A---- C:\Windows\SysWOW64\authui.dll
2013-11-14 19:19:44 ----A---- C:\Windows\SysWOW64\sspicli.dll
2013-11-14 19:19:44 ----A---- C:\Windows\SysWOW64\schannel.dll
2013-11-14 19:19:44 ----A---- C:\Windows\SysWOW64\secur32.dll
2013-11-14 19:19:44 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 19:19:41 ----A---- C:\Windows\SysWOW64\gdi32.dll
2013-11-14 19:19:40 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 19:19:40 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 22:19:07 ----D---- C:\Casino
2013-11-09 17:23:30 ----D---- C:\Users\Thomaz\AppData\Roaming\HD Tune Pro
2013-11-05 20:50:01 ----D---- C:\ProgramData\MGS
2013-11-03 20:21:48 ----A---- C:\Windows\SysWOW64\libeay32.dll
2013-11-03 20:01:48 ----A---- C:\Windows\xuninst.exe
2013-11-03 20:01:32 ----D---- C:\ProgramData\Microsoft Speech Platform SDK
2013-11-03 20:01:23 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-11-03 18:53:09 ----D---- C:\Users\Thomaz\AppData\Roaming\GruntMods
2013-11-03 18:53:06 ----D---- C:\Program Files (x86)\GruntMods
2013-11-03 18:43:25 ----D---- C:\Program Files (x86)\File Viewer
2013-11-03 18:42:29 ----D---- C:\ProgramData\APN
2013-11-02 15:29:23 ----D---- C:\Windows\rescache
2013-10-29 16:33:51 ----D---- C:\Users\Thomaz\AppData\Roaming\Apple Computer
2013-10-13 22:44:37 ----HD---- C:\ProgramData\CanonIJScan
2013-10-13 00:34:32 ----D---- C:\Programs
2013-10-09 11:34:02 ----A---- C:\Windows\SysWOW64\comctl32.dll
2013-10-09 11:33:56 ----A---- C:\Windows\SysWOW64\lpk.dll
2013-10-09 11:33:56 ----A---- C:\Windows\SysWOW64\fontsub.dll
2013-10-09 11:33:56 ----A---- C:\Windows\SysWOW64\dciman32.dll
2013-10-09 11:33:56 ----A---- C:\Windows\SysWOW64\atmlib.dll
2013-10-09 11:33:56 ----A---- C:\Windows\SysWOW64\atmfd.dll
2013-10-09 11:33:47 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 11:33:47 ----A---- C:\Windows\SysWOW64\davclnt.dll
2013-10-09 11:33:41 ----A---- C:\Windows\SysWOW64\mswsock.dll
2013-10-09 11:33:32 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 11:33:31 ----A---- C:\Windows\SysWOW64\tdh.dll
2013-10-09 11:33:31 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 11:33:31 ----A---- C:\Windows\SysWOW64\advapi32.dll
2013-10-09 11:33:30 ----A---- C:\Windows\SysWOW64\ntdll.dll
2013-10-09 11:33:27 ----A---- C:\Windows\SysWOW64\wow32.dll
2013-10-09 11:33:27 ----A---- C:\Windows\SysWOW64\user.exe
2013-10-09 11:33:27 ----A---- C:\Windows\SysWOW64\setup16.exe
2013-10-09 11:33:27 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 11:33:27 ----A---- C:\Windows\SysWOW64\instnm.exe
2013-10-09 11:33:19 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-05 15:43:44 ----D---- C:\Program Files (x86)\Full Tilt Poker
2013-10-02 20:30:29 ----D---- C:\Program Files (x86)\Adobe
2013-10-01 17:18:03 ----D---- C:\Program Files (x86)\Modio
2013-10-01 17:13:54 ----D---- C:\Program Files (x86)\Daring Development
2013-09-29 21:21:11 ----D---- C:\Microgaming
2013-09-28 08:50:34 ----HD---- C:\ProgramData\CanonIJMIG
2013-09-28 08:17:57 ----D---- C:\Users\Thomaz\AppData\Roaming\Canon
2013-09-28 08:17:51 ----HD---- C:\ProgramData\CanonIJQuickMenu
2013-09-28 08:17:38 ----HD---- C:\ProgramData\CanonIJEGV
2013-09-28 08:11:42 ----D---- C:\ProgramData\Canon IJ Network Tool
2013-09-28 08:11:34 ----A---- C:\Windows\SysWOW64\CNHMCA.dll
2013-09-28 08:11:34 ----A---- C:\Windows\SysWOW64\CNC_B9U.dll
2013-09-28 08:11:33 ----A---- C:\Windows\SysWOW64\CNC_B9L.dll
2013-09-28 08:09:23 ----D---- C:\ProgramData\CanonIJWSpt
2013-09-28 07:50:27 ----D---- C:\ProgramData\CanonIJPLM
2013-09-28 07:49:21 ----HD---- C:\ProgramData\CanonIJETV
2013-09-28 07:47:56 ----D---- C:\Program Files (x86)\Canon
2013-09-27 12:07:17 ----D---- C:\Program Files (x86)\DsNET Corp
2013-09-25 10:55:04 ----HD---- C:\ProgramData\CanonBJ
2013-09-19 10:57:32 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-09-11 21:54:52 ----A---- C:\Windows\SysWOW64\shell32.dll
2013-09-11 21:54:52 ----A---- C:\Windows\SysWOW64\shdocvw.dll
2013-09-11 21:54:40 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 21:54:40 ----A---- C:\Windows\SysWOW64\kernel32.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:54:39 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:54:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:54:37 ----A---- C:\Windows\SysWOW64\apisetschema.dll
2013-09-09 11:12:36 ----D---- C:\Program Files (x86)\HTC
2013-09-09 10:12:14 ----A---- C:\Windows\SysWOW64\CSVer.dll
======List of files/folders modified in the last 3 months======
2013-12-01 12:36:35 ----D---- C:\Windows\Temp
2013-12-01 12:31:48 ----RD---- C:\Program Files (x86)
2013-12-01 12:30:27 ----D---- C:\Program Files (x86)\Common Files
2013-12-01 12:30:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-01 12:30:16 ----D---- C:\Windows\SysWOW64
2013-12-01 12:30:12 ----SHD---- C:\System Volume Information
2013-12-01 12:25:46 ----SHD---- C:\Windows\Installer
2013-12-01 12:25:45 ----HD---- C:\Config.Msi
2013-12-01 12:25:45 ----D---- C:\Windows\inf
2013-12-01 12:25:44 ----RD---- C:\Program Files
2013-12-01 12:25:24 ----D---- C:\Windows\System32
2013-12-01 12:25:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-29 18:40:04 ----HD---- C:\ProgramData
2013-11-29 17:24:21 ----D---- C:\Windows
2013-11-28 21:29:34 ----D---- C:\Windows\winsxs
2013-11-28 21:29:04 ----D---- C:\Windows\SysWOW64\en-US
2013-11-28 21:29:04 ----D---- C:\Windows\en-US
2013-11-28 21:29:03 ----D---- C:\Windows\PolicyDefinitions
2013-11-27 15:50:49 ----D---- C:\Users\Thomaz\AppData\Roaming\vlc
2013-11-27 14:54:14 ----RSD---- C:\Windows\assembly
2013-11-27 14:53:47 ----D---- C:\Windows\Microsoft.NET
2013-11-27 14:50:34 ----D---- C:\Windows\Logs
2013-11-27 14:49:37 ----D---- C:\ProgramData\Microsoft Help
2013-11-27 14:49:27 ----SD---- C:\Users\Thomaz\AppData\Roaming\Microsoft
2013-11-27 13:09:43 ----D---- C:\Users\Thomaz\AppData\Roaming\Vso
2013-11-27 13:09:43 ----D---- C:\Users\Thomaz\AppData\Roaming\uTorrent
2013-11-27 13:09:33 ----D---- C:\Windows\Panther
2013-11-27 12:40:32 ----D---- C:\PerfLogs
2013-11-27 12:18:04 ----A---- C:\Windows\win.ini
2013-11-26 10:59:16 ----D---- C:\Windows\debug
2013-11-26 10:51:19 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-25 19:08:41 ----HD---- C:\Program Files (x86)\Temp
2013-11-25 19:08:32 ----D---- C:\Windows\twain_32
2013-11-25 19:02:03 ----RSD---- C:\Windows\Fonts
2013-11-25 19:02:03 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2013-11-25 18:59:37 ----D---- C:\Program Files (x86)\Common Files\System
2013-11-25 17:51:44 ----D---- C:\Program Files (x86)\Google
2013-11-25 17:45:15 ----D---- C:\Program Files (x86)\Common Files\Adobe
2013-11-20 16:29:46 ----D---- C:\Windows\LiveKernelReports
2013-11-19 17:00:57 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-11-18 20:20:44 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-11-18 20:20:42 ----D---- C:\Windows\Prefetch
2013-11-18 20:16:30 ----D---- C:\ProgramData\TuneUp Software
2013-11-18 18:09:45 ----RD---- C:\Users
2013-11-15 10:49:38 ----D---- C:\Windows\SysWOW64\cs-CZ
2013-11-15 10:49:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-10 11:20:58 ----D---- C:\Windows\AppPatch
2013-10-09 12:28:23 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-03 18:30:19 ----D---- C:\Program Files (x86)\Terasoft
2013-10-02 20:30:30 ----D---- C:\ProgramData\Adobe
2013-10-01 17:18:47 ----D---- C:\Windows\SoftwareDistribution
2013-10-01 17:00:55 ----D---- C:\Windows\Resources
2013-09-28 08:54:52 ----D---- C:\ProgramData\HP
2013-09-28 08:11:34 ----RSD---- C:\Windows\Media
2013-09-28 07:57:47 ----D---- C:\Windows\Tasks
2013-09-18 15:18:51 ----A---- C:\Windows\SysWOW64\Dvbpws.dll
2013-09-09 10:31:53 ----D---- C:\Windows\SysWOW64\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R3 ActivHidSerMini;Promethean Serial Board Driver; C:\Windows\system32\DRIVERS\activhidsermini.sys []
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-12-01 25640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 prmvmouse;Promethean HID Mouse Service; C:\Windows\system32\DRIVERS\activmouse.sys []
R3 PsxDrv;@%systemroot%\system32\suares.dll,-107; C:\Windows\system32\drivers\psxdrv.sys []
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-18 11880]
S2 BT848;Conexant's BtPCI WDM Video Capture (AMD64); C:\Windows\system32\drivers\BT848.sys []
S3 cpuz135;cpuz135; \??\C:\Users\Thomaz\AppData\Local\Temp\cpuz135\cpuz135_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys []
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra\WNt500x64\Sandra.sys [2009-08-07 23112]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys []
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUSB;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUSB.sys []
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys []
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE []
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2013-02-13 163840]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-19 2365792]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe []
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-26 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\MSO2007\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra\RpcAgentSrv.exe [2008-11-25 72344]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
OTL Extras logfile created on: 18.12.2013 14:30:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomaz\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,65 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 36,88% Memory free
1,84 Gb Paging File | 0,54 Gb Available in Paging File | 29,16% Paging File free
Paging file location(s): c:\pagefile.sys 160 2538d:\pagefi [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,57 Gb Total Space | 5,71 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive D: | 199,00 Mb Total Space | 108,57 Mb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive E: | 195,21 Gb Total Space | 39,80 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 465,46 Gb Total Space | 465,36 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive J: | 99,02 Mb Total Space | 84,87 Mb Free Space | 85,71% Space Free | Partition Type: FAT32
Computer Name: HOME-PC | User Name: Thomaz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\MSO2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\MSO2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\MSO2007\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /s /k pushd "%1" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\MSO2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\MSO2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\MSO2007\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /s /k pushd "%1" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{077B5404-B7BE-40E8-969B-15F475DE2AA6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0C817B7E-EB48-4184-ADAB-85D1CA802009}" = lport=138 | protocol=17 | dir=in | app=system |
"{120A4A65-9714-4705-BE1C-A8DC6BB791D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2AEC7BFC-E6D3-4FC8-93A5-6A9E42423C06}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3162E661-BF59-4808-A2AA-C5B02B97ADB7}" = lport=137 | protocol=17 | dir=in | app=system |
"{32BDE9D6-05F4-4082-85EC-D49D1C9DC4EA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FC88B09-CA27-4638-BD4C-1C17E0D64014}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{400312BD-8BB2-4102-AB58-658974007864}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{447A7134-3774-4CA7-AF0E-88F9AAD3BC5D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48F8FCB6-D43E-41D3-83D5-FD5E80EC5DF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{49A257C2-977A-4C1C-8904-49975391D4FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4CC72391-C133-4F89-B17F-36DE58ED671F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{568B6E74-C0DE-46F5-BA40-A0DB1DC8BC08}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{60E807A7-259E-48FA-B345-997E16907FB9}" = rport=139 | protocol=6 | dir=out | app=system |
"{6CF4699F-3547-46AA-9EDD-27A8E3678C02}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7338CFA4-9044-4049-A261-FEB990AE809B}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra\wnt500x64\rpcsandrasrv.exe |
"{743004D6-4495-4E7F-8685-F926E366019C}" = rport=137 | protocol=17 | dir=out | app=system |
"{7520E8B8-21F7-4D65-92AE-6A7087A34F35}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7523BAEF-C6E6-4074-A17E-0973EE040589}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E626351-3C25-45A0-B3DD-65899ABC6E22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F7DBF2E-9EB1-4E5A-B70B-6084B57AE7BA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8149BE6B-E66F-4AAA-ABBB-5EB4D40D8360}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8370A84F-C973-4F68-A961-6D7FC1D11CBA}" = rport=445 | protocol=6 | dir=out | app=system |
"{91365972-53C3-4718-BD87-BB5D0EBB06D3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{93CDF008-ACC0-488B-B0B3-7A9AB92A30A4}" = rport=2869 | protocol=6 | dir=out | app=system |
"{9F004452-36FE-4408-B930-1A827FEF3E6F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A2990A95-B023-4B11-9928-0350555B6B2E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A34DF8AD-DA4A-49F7-A5E0-BCA230FFC749}" = lport=139 | protocol=6 | dir=in | app=system |
"{A7D9AA2A-43E3-4A9D-9BD0-DB963756F6EE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ACA2CA2A-F33C-417C-A7FD-B82987414477}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADA54E5A-C303-4806-B11D-404BB412B0EB}" = lport=445 | protocol=6 | dir=in | app=system |
"{AEC24FE3-BFA7-498E-9C68-4A3DCB1B67ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1A45EAA-F406-4037-8880-FF23F5E7425F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B5319B8C-7713-4922-8B23-575F1476E4CF}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BAB61BFE-CE74-4A3A-B92A-7B7E2FC988A3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF4573E7-415F-4B4A-9C5F-D18C0FE976B6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFB8FEC3-E9FB-4F54-8D8D-76C7140F7AAF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C4D0651F-EFAC-4672-AF14-69CBB2E14635}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9BEFB9D-7506-4B50-807C-3B07C5F5EAAE}" = rport=138 | protocol=17 | dir=out | app=system |
"{D9237A4E-6C2A-41AE-A0F1-DD6B487C073E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD5EC3CF-7F99-422C-A110-CFFBDA0141CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB7C8ACC-DC68-4E26-A747-77223A53617C}" = lport=6004 | protocol=17 | dir=in | app=e:\mso2007\office12\outlook.exe |
"{EC7AE86A-86C9-49D8-8F00-9AEC9360D756}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ECE7CBDB-A1B1-43BA-A618-F0E5C86D886D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EE3537BF-684A-4AC9-A71A-436AC4413E63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBD23261-670F-4741-8343-5F4EC5367E9D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FE0731C7-E013-459E-BC5A-0A8E284BD362}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF7183F7-CEA0-49DB-9099-A66B847DC593}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra\rpcagentsrv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001271AE-3C12-49C3-BA01-ECD9DC81C303}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{013C3B86-6BEA-4217-9C6B-0A254CE00E61}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{099E9587-0D05-4FCB-A8A0-B5542D6B412E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0A3375CF-07D0-4ED8-95D7-795D53898308}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0AF8BEEC-C08D-45B6-9861-3C4025D37F5B}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{0DADDA3B-6B2A-48C8-B412-82572B995C0E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0EEE4C61-AE1A-4AB8-881A-2893B110B553}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{0F823B2F-797C-4089-AC6B-9883D38CBE7F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10E58EB9-E6CC-4695-A1C1-5ED5D5F877A2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{168F06DD-D168-4751-9759-FB25FA2D3971}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{225357B7-B53D-4293-BDA0-34733B32CD34}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{29A1F0B2-7901-49B0-8649-650FC6192CEB}" = protocol=17 | dir=in | app=e:\mso2007\office12\onenote.exe |
"{425B9D38-B6FE-49EB-89AD-9BB85E6A858C}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{462D185B-644C-4E11-9A73-650B9F269294}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50A7891E-1808-460E-A42C-E79995CC7B92}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{5126DC14-9836-4BC6-9990-55E96D8A4479}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{586F430E-42D5-418A-B942-AA266FBB02AD}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{590DA248-C670-4C3B-87A0-900540E17E57}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{62033515-6D4F-40AF-B78D-05812B9552DC}" = protocol=6 | dir=in | app=e:\mso2007\office12\onenote.exe |
"{65A166B2-A8F0-4926-828F-01A1F6B6AEF2}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{67792FA0-69BE-4EAC-8A3F-CB38F7E72D87}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6ADA6687-6816-4658-8946-6E229508B955}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6B4CFC15-2349-4D82-A676-42318452C030}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C7B286D-0E1B-4AC9-94B7-2784594A008E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7DE2F96D-D160-44B0-BF16-25E020E3F2F5}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{807FEA3A-4C3D-43BC-9015-1DCB1E9191D1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83C5C58A-ED90-4D3E-9193-49C293889F4C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{8549EEE2-D2EB-49BD-9F10-FF28067CB3EC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{86E535A1-0E00-4A1E-BC2F-676C6AF767DC}" = protocol=58 | dir=in | app=system |
"{8768E5FC-3231-4CCF-AED3-99B53ECE48DF}" = protocol=17 | dir=in | app=e:\mso2007\office12\groove.exe |
"{8A0300A8-E1EE-4C9E-86D9-398C9403A10A}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{8C7D29E8-AED3-4058-8AB9-691A45D88693}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{90A45301-8FEF-4580-A493-8D71B1F99528}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{952D9E44-6733-4A65-AAEA-D8D581D0F3D2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C91F8F5-3DA8-4EFC-86CE-B524F69BE5C9}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{9F717C11-9AC4-47B2-A18D-8FB600D94820}" = protocol=6 | dir=in | app=e:\mso2007\office12\groove.exe |
"{A67B4DC3-871A-4D26-AE7B-7B90309AC0A9}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ACED464E-B4D0-4E36-892C-05CDF8C5641C}" = protocol=6 | dir=out | app=system |
"{AF8199D6-A6C9-4E65-8B51-E41DD9DB9086}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2572225-A747-4581-B6D3-7F94A29B8910}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C46ECFFC-DA4E-4B56-8A51-DEF74A676370}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CDEF57AA-084F-40C6-AF21-A304AF23B07C}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{D5897977-7F91-4196-9256-AD28CFDB127B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D6D979C8-7362-41D0-959F-C9B97D14009E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EEDCFE2A-C37D-4846-9BA3-2DE21931300A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1C80514-647F-49E8-9AB4-F8B54D0098BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F5DB58D3-0378-4D64-8824-F6ED9E5095EF}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{FB22ADA6-4D18-4BF4-9033-5A6C32447FAF}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FD294899-9331-446A-A9E9-BE86FDE565D2}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"TCP Query User{D835BEFF-DAFB-494A-A221-A814D6682B35}E:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe" = protocol=6 | dir=in | app=e:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe |
"TCP Query User{EA79A5BA-762E-4FB8-94C8-2444635518D7}C:\program files (x86)\odeon\jaf\jcop.exe" = protocol=6 | dir=in | app=c:\program files (x86)\odeon\jaf\jcop.exe |
"TCP Query User{FFA11069-AFC8-449E-99A8-2D4DC93AAFDB}E:\xboxsdk\bin\win32\audconsole3.exe" = protocol=6 | dir=in | app=e:\xboxsdk\bin\win32\audconsole3.exe |
"UDP Query User{67180E58-66CE-4287-8DE7-F7EF0FFA060B}C:\program files (x86)\odeon\jaf\jcop.exe" = protocol=17 | dir=in | app=c:\program files (x86)\odeon\jaf\jcop.exe |
"UDP Query User{FF53377F-54F3-4332-99A8-13B3C2CA9778}E:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe" = protocol=17 | dir=in | app=e:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe |
"UDP Query User{FF84A81E-1C54-4C96-B308-A08A7287FCAF}E:\xboxsdk\bin\win32\audconsole3.exe" = protocol=17 | dir=in | app=e:\xboxsdk\bin\win32\audconsole3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series" = Canon MG4200 series MP Drivers
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{982D51EA-A438-4FD2-AB65-A6654759C55F}" = Activdriver x64 v4.1.14
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2014.RTM
"{DDEBB7D6-671C-468D-98EB-EF9F1A1BC524}" = RT 7 Lite x64
"{F24FF688-7138-4CCF-A83F-71E9FB01170E}" = Folder Size (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"FlashBoot_is1" = FlashBoot 2.2d
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}" = Microsoft Server Speech Platform Runtime (x86)
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3279C61F-330C-47A0-B530-FE9A4715CCA7}" = Activstudio Help (GBR) v3.7.1
"{38EB2A93-A0A5-4446-9866-6640ABC252E1}_is1" = XB360 Modder v4.0
"{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1" = Modio
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A5D33DC-C938-494F-B0C8-9D62D177FB92}" = Activstudio Resources (GBR) v3.5.1
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4F080D5D-D6CA-4BE7-AF4C-44E7DC04D41E}" = Activstudio Docs (GBR) v3.7.1
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.6
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{857a137e-95f5-4e31-b787-ee5d2017af2a}" = Party City Casino
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{929B1254-D7F9-403A-8234-EE348E448820}" = Activstudio Professional Edition v3.7
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}" = TuneUp Utilities Language Pack (en-US)
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A946A6CC-E9F2-44A8-9A8D-095C756AF4EB}" = Microsoft Speech Platform SDK (x86) v11.0
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB95979D-85EF-484A-9805-EB28E676E201}_is1" = Iso2God v1.3.6
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B48F9C44-C904-4FA3-984D-F65AE4C49745}" = Zoner Media Explorer 5
"{B4C88CF0-B617-4658-8F84-C4E847FBC9F7}" = Microsoft Managed DirectX (1126)
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C8B24B83-920A-446E-B027-38F72C9D8898}_is1" = File Viewer version 1.0.2
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EECDD185-7E84-49AA-B52D-2BAF21366EAE}" = Microsoft Speech Platform SDK Xbox Extensions (x86) v11.0
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"Battlelog Web Plugins" = Battlelog Web Plugins
"Canon MG4200 series On-screen Manual" = Canon MG4200 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"ČJ1 - Pravopis (doporučená instalace)" = ČJ1 - Pravopis (doporučená instalace)
"ČJ3 - Diktáty (doporučená instalace)" = ČJ3 - Diktáty (doporučená instalace)
"d4cfeebc-b821-40b7-9f81-d366b1466f03_is1" = Horizon v2.5.9.0
"Dětský koutek 3 (plná instalace)" = Dětský koutek 3 (plná instalace)
"EaseUS Data Recovery Wizard 6.0_is1" = EaseUS Data Recovery Wizard 6.0
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"JAFSetup" = JAF Setup
"JetDownloader" = Jet Downloader
"LinuxLive USB Creator" = LinuxLive USB Creator
"Matematika 1-4 (minimální instalace)" = Matematika 1-4 (minimální instalace)
"Microsoft Xbox 360 SDK" = Microsoft Xbox 360 SDK 2.0.21173.4
"Mozilla Firefox 25.0.1 (x86 cs)" = Mozilla Firefox 25.0.1 (x86 cs)
"nLite_is1" = nLite 1.4.9.3
"PartyCasino" = PartyCasino
"PartyPoker" = partypoker
"PE Builder_is1" = PE Builder 3.1.10a
"PowerISO" = PowerISO
"Registrace uživatele zařízení Canon MG4200 series" = Registrace uživatele zařízení Canon MG4200 series
"TS Český jazyk - Vyjmenovaná slova (instalace na disk)" = TS Český jazyk - Vyjmenovaná slova (instalace na disk)
"TS Matematika 5 (instalace na disk)" = TS Matematika 5 (instalace na disk)
"TS Matematika pro prvňáčky 1, verze pro interaktivní tabule (instalace na disk)" = TS Matematika pro prvňáčky 1, verze pro interaktivní tabule (instalace na disk)
"TS Matematika pro prvňáčky 2, verze pro interaktivní tabule (instalace na disk)" = TS Matematika pro prvňáčky 2, verze pro interaktivní tabule (instalace na disk)
"TS Vlastivěda 1 (doporučená instalace)" = TS Vlastivěda 1 (doporučená instalace)
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"TweakNow PowerPack_is1" = TweakNow PowerPack
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.3
"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter
"WinHex" = WinHex
"XPort 360_is1" = XPort 360
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RT 7 Lite x64" = RT 7 Lite (64-Bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.12.2013 8:36:07 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x000000000003300d
ID
chybujícího procesu: 0xd50 Čas spuštění chybující aplikace: 0x01cefb2313b985b8 Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: cc9e3ef3-6717-11e3-8cfd-00241dbfc857
Error - 17.12.2013 8:36:07 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 17.12.2013 8:46:59 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: lsm.exe, verze: 6.1.7601.17514, časové razítko:
0x4ce7abf0 Název chybujícího modulu: RPCRT4.dll, verze: 6.1.7601.18205, časové razítko:
0x51dba4dc Kód výjimky: 0xc0000006 Posun chyby: 0x000000000001ace5 ID chybujícího
procesu: 0x2a0 Čas spuštění chybující aplikace: 0x01cefb230941ca38 Cesta k chybující
aplikaci: C:\Windows\system32\lsm.exe Cesta k chybujícímu modulu: C:\Windows\system32\RPCRT4.dll
ID
zprávy: 512dc559-6719-11e3-8cfd-00241dbfc857
Error - 17.12.2013 8:46:59 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Local Session Manager Service. Program:
Local Session Manager Service Soubor: Hodnota chyby je uvedena v části Další údaje.
Akce
uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém, který se při
novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze získat přístup
a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k problému se sítí
a zda lze server kontaktovat. - Je na vyměnitelném disku (například disketě nebo
disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte a
opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 17.12.2013 8:47:02 | Computer Name = HOME-PC | Source = Wininit | ID = 1015
Description = Došlo k selhání kritického systémového procesu C:\Windows\system32\lsm.exe
se stavovým kódem 255. Počítač je nyní nutné restartovat.
Error - 18.12.2013 6:00:06 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x0000000000072967
ID
chybujícího procesu: 0x970 Čas spuštění chybující aplikace: 0x01cefbd5ef8a1d17 Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: 2b284e15-67cb-11e3-8785-00241dbfc857
Error - 18.12.2013 6:00:06 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 18.12.2013 9:12:10 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x00000000000604a9
ID
chybujícího procesu: 0x9d4 Čas spuštění chybující aplikace: 0x01cefbf169bc6a72 Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: 003886ff-67e6-11e3-b80b-00241dbfc857
Error - 18.12.2013 9:12:10 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 18.12.2013 9:37:32 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x0000000000043a22
ID
chybujícího procesu: 0xc3c Čas spuštění chybující aplikace: 0x01cefbf502c05d5b Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: 8b2cff4b-67e9-11e3-b44f-00241dbfc857
Error - 18.12.2013 9:37:32 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
[ System Events ]
Error - 18.12.2013 9:27:52 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba Conexant's BtPCI WDM Video Capture (AMD64) neuspěla při spuštění
v důsledku následující chyby: %%577
Error - 18.12.2013 9:28:40 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 18.12.2013 9:28:53 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7034
Description = Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 18.12.2013 9:29:00 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7034
Description = Služba Folder Size byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 18.12.2013 9:37:16 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:42 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:46 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:52 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:58 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:38:07 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Defender byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomaz\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,65 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 36,88% Memory free
1,84 Gb Paging File | 0,54 Gb Available in Paging File | 29,16% Paging File free
Paging file location(s): c:\pagefile.sys 160 2538d:\pagefi [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,57 Gb Total Space | 5,71 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive D: | 199,00 Mb Total Space | 108,57 Mb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive E: | 195,21 Gb Total Space | 39,80 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 465,46 Gb Total Space | 465,36 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive J: | 99,02 Mb Total Space | 84,87 Mb Free Space | 85,71% Space Free | Partition Type: FAT32
Computer Name: HOME-PC | User Name: Thomaz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\MSO2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\MSO2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\MSO2007\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /s /k pushd "%1" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\MSO2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\MSO2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\MSO2007\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /s /k pushd "%1" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{077B5404-B7BE-40E8-969B-15F475DE2AA6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0C817B7E-EB48-4184-ADAB-85D1CA802009}" = lport=138 | protocol=17 | dir=in | app=system |
"{120A4A65-9714-4705-BE1C-A8DC6BB791D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2AEC7BFC-E6D3-4FC8-93A5-6A9E42423C06}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3162E661-BF59-4808-A2AA-C5B02B97ADB7}" = lport=137 | protocol=17 | dir=in | app=system |
"{32BDE9D6-05F4-4082-85EC-D49D1C9DC4EA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FC88B09-CA27-4638-BD4C-1C17E0D64014}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{400312BD-8BB2-4102-AB58-658974007864}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{447A7134-3774-4CA7-AF0E-88F9AAD3BC5D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48F8FCB6-D43E-41D3-83D5-FD5E80EC5DF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{49A257C2-977A-4C1C-8904-49975391D4FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4CC72391-C133-4F89-B17F-36DE58ED671F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{568B6E74-C0DE-46F5-BA40-A0DB1DC8BC08}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{60E807A7-259E-48FA-B345-997E16907FB9}" = rport=139 | protocol=6 | dir=out | app=system |
"{6CF4699F-3547-46AA-9EDD-27A8E3678C02}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7338CFA4-9044-4049-A261-FEB990AE809B}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra\wnt500x64\rpcsandrasrv.exe |
"{743004D6-4495-4E7F-8685-F926E366019C}" = rport=137 | protocol=17 | dir=out | app=system |
"{7520E8B8-21F7-4D65-92AE-6A7087A34F35}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7523BAEF-C6E6-4074-A17E-0973EE040589}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E626351-3C25-45A0-B3DD-65899ABC6E22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F7DBF2E-9EB1-4E5A-B70B-6084B57AE7BA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8149BE6B-E66F-4AAA-ABBB-5EB4D40D8360}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8370A84F-C973-4F68-A961-6D7FC1D11CBA}" = rport=445 | protocol=6 | dir=out | app=system |
"{91365972-53C3-4718-BD87-BB5D0EBB06D3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{93CDF008-ACC0-488B-B0B3-7A9AB92A30A4}" = rport=2869 | protocol=6 | dir=out | app=system |
"{9F004452-36FE-4408-B930-1A827FEF3E6F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A2990A95-B023-4B11-9928-0350555B6B2E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A34DF8AD-DA4A-49F7-A5E0-BCA230FFC749}" = lport=139 | protocol=6 | dir=in | app=system |
"{A7D9AA2A-43E3-4A9D-9BD0-DB963756F6EE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ACA2CA2A-F33C-417C-A7FD-B82987414477}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADA54E5A-C303-4806-B11D-404BB412B0EB}" = lport=445 | protocol=6 | dir=in | app=system |
"{AEC24FE3-BFA7-498E-9C68-4A3DCB1B67ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1A45EAA-F406-4037-8880-FF23F5E7425F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B5319B8C-7713-4922-8B23-575F1476E4CF}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BAB61BFE-CE74-4A3A-B92A-7B7E2FC988A3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF4573E7-415F-4B4A-9C5F-D18C0FE976B6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFB8FEC3-E9FB-4F54-8D8D-76C7140F7AAF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C4D0651F-EFAC-4672-AF14-69CBB2E14635}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9BEFB9D-7506-4B50-807C-3B07C5F5EAAE}" = rport=138 | protocol=17 | dir=out | app=system |
"{D9237A4E-6C2A-41AE-A0F1-DD6B487C073E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD5EC3CF-7F99-422C-A110-CFFBDA0141CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB7C8ACC-DC68-4E26-A747-77223A53617C}" = lport=6004 | protocol=17 | dir=in | app=e:\mso2007\office12\outlook.exe |
"{EC7AE86A-86C9-49D8-8F00-9AEC9360D756}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ECE7CBDB-A1B1-43BA-A618-F0E5C86D886D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EE3537BF-684A-4AC9-A71A-436AC4413E63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBD23261-670F-4741-8343-5F4EC5367E9D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FE0731C7-E013-459E-BC5A-0A8E284BD362}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF7183F7-CEA0-49DB-9099-A66B847DC593}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra\rpcagentsrv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001271AE-3C12-49C3-BA01-ECD9DC81C303}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{013C3B86-6BEA-4217-9C6B-0A254CE00E61}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{099E9587-0D05-4FCB-A8A0-B5542D6B412E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0A3375CF-07D0-4ED8-95D7-795D53898308}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0AF8BEEC-C08D-45B6-9861-3C4025D37F5B}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{0DADDA3B-6B2A-48C8-B412-82572B995C0E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0EEE4C61-AE1A-4AB8-881A-2893B110B553}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{0F823B2F-797C-4089-AC6B-9883D38CBE7F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10E58EB9-E6CC-4695-A1C1-5ED5D5F877A2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{168F06DD-D168-4751-9759-FB25FA2D3971}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{225357B7-B53D-4293-BDA0-34733B32CD34}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{29A1F0B2-7901-49B0-8649-650FC6192CEB}" = protocol=17 | dir=in | app=e:\mso2007\office12\onenote.exe |
"{425B9D38-B6FE-49EB-89AD-9BB85E6A858C}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{462D185B-644C-4E11-9A73-650B9F269294}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50A7891E-1808-460E-A42C-E79995CC7B92}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{5126DC14-9836-4BC6-9990-55E96D8A4479}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{586F430E-42D5-418A-B942-AA266FBB02AD}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{590DA248-C670-4C3B-87A0-900540E17E57}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{62033515-6D4F-40AF-B78D-05812B9552DC}" = protocol=6 | dir=in | app=e:\mso2007\office12\onenote.exe |
"{65A166B2-A8F0-4926-828F-01A1F6B6AEF2}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{67792FA0-69BE-4EAC-8A3F-CB38F7E72D87}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6ADA6687-6816-4658-8946-6E229508B955}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6B4CFC15-2349-4D82-A676-42318452C030}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C7B286D-0E1B-4AC9-94B7-2784594A008E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7DE2F96D-D160-44B0-BF16-25E020E3F2F5}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{807FEA3A-4C3D-43BC-9015-1DCB1E9191D1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83C5C58A-ED90-4D3E-9193-49C293889F4C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{8549EEE2-D2EB-49BD-9F10-FF28067CB3EC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{86E535A1-0E00-4A1E-BC2F-676C6AF767DC}" = protocol=58 | dir=in | app=system |
"{8768E5FC-3231-4CCF-AED3-99B53ECE48DF}" = protocol=17 | dir=in | app=e:\mso2007\office12\groove.exe |
"{8A0300A8-E1EE-4C9E-86D9-398C9403A10A}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{8C7D29E8-AED3-4058-8AB9-691A45D88693}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{90A45301-8FEF-4580-A493-8D71B1F99528}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{952D9E44-6733-4A65-AAEA-D8D581D0F3D2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C91F8F5-3DA8-4EFC-86CE-B524F69BE5C9}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{9F717C11-9AC4-47B2-A18D-8FB600D94820}" = protocol=6 | dir=in | app=e:\mso2007\office12\groove.exe |
"{A67B4DC3-871A-4D26-AE7B-7B90309AC0A9}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ACED464E-B4D0-4E36-892C-05CDF8C5641C}" = protocol=6 | dir=out | app=system |
"{AF8199D6-A6C9-4E65-8B51-E41DD9DB9086}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2572225-A747-4581-B6D3-7F94A29B8910}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C46ECFFC-DA4E-4B56-8A51-DEF74A676370}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CDEF57AA-084F-40C6-AF21-A304AF23B07C}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{D5897977-7F91-4196-9256-AD28CFDB127B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D6D979C8-7362-41D0-959F-C9B97D14009E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EEDCFE2A-C37D-4846-9BA3-2DE21931300A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1C80514-647F-49E8-9AB4-F8B54D0098BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F5DB58D3-0378-4D64-8824-F6ED9E5095EF}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{FB22ADA6-4D18-4BF4-9033-5A6C32447FAF}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FD294899-9331-446A-A9E9-BE86FDE565D2}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"TCP Query User{D835BEFF-DAFB-494A-A221-A814D6682B35}E:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe" = protocol=6 | dir=in | app=e:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe |
"TCP Query User{EA79A5BA-762E-4FB8-94C8-2444635518D7}C:\program files (x86)\odeon\jaf\jcop.exe" = protocol=6 | dir=in | app=c:\program files (x86)\odeon\jaf\jcop.exe |
"TCP Query User{FFA11069-AFC8-449E-99A8-2D4DC93AAFDB}E:\xboxsdk\bin\win32\audconsole3.exe" = protocol=6 | dir=in | app=e:\xboxsdk\bin\win32\audconsole3.exe |
"UDP Query User{67180E58-66CE-4287-8DE7-F7EF0FFA060B}C:\program files (x86)\odeon\jaf\jcop.exe" = protocol=17 | dir=in | app=c:\program files (x86)\odeon\jaf\jcop.exe |
"UDP Query User{FF53377F-54F3-4332-99A8-13B3C2CA9778}E:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe" = protocol=17 | dir=in | app=e:\xbox\xm360v2.0d\xm360v2.0d\server\xm360server.exe |
"UDP Query User{FF84A81E-1C54-4C96-B308-A08A7287FCAF}E:\xboxsdk\bin\win32\audconsole3.exe" = protocol=17 | dir=in | app=e:\xboxsdk\bin\win32\audconsole3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series" = Canon MG4200 series MP Drivers
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{982D51EA-A438-4FD2-AB65-A6654759C55F}" = Activdriver x64 v4.1.14
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2014.RTM
"{DDEBB7D6-671C-468D-98EB-EF9F1A1BC524}" = RT 7 Lite x64
"{F24FF688-7138-4CCF-A83F-71E9FB01170E}" = Folder Size (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"FlashBoot_is1" = FlashBoot 2.2d
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}" = Microsoft Server Speech Platform Runtime (x86)
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3279C61F-330C-47A0-B530-FE9A4715CCA7}" = Activstudio Help (GBR) v3.7.1
"{38EB2A93-A0A5-4446-9866-6640ABC252E1}_is1" = XB360 Modder v4.0
"{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1" = Modio
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A5D33DC-C938-494F-B0C8-9D62D177FB92}" = Activstudio Resources (GBR) v3.5.1
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4F080D5D-D6CA-4BE7-AF4C-44E7DC04D41E}" = Activstudio Docs (GBR) v3.7.1
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.6
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{857a137e-95f5-4e31-b787-ee5d2017af2a}" = Party City Casino
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{929B1254-D7F9-403A-8234-EE348E448820}" = Activstudio Professional Edition v3.7
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}" = TuneUp Utilities Language Pack (en-US)
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A946A6CC-E9F2-44A8-9A8D-095C756AF4EB}" = Microsoft Speech Platform SDK (x86) v11.0
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB95979D-85EF-484A-9805-EB28E676E201}_is1" = Iso2God v1.3.6
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B48F9C44-C904-4FA3-984D-F65AE4C49745}" = Zoner Media Explorer 5
"{B4C88CF0-B617-4658-8F84-C4E847FBC9F7}" = Microsoft Managed DirectX (1126)
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C8B24B83-920A-446E-B027-38F72C9D8898}_is1" = File Viewer version 1.0.2
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EECDD185-7E84-49AA-B52D-2BAF21366EAE}" = Microsoft Speech Platform SDK Xbox Extensions (x86) v11.0
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"Battlelog Web Plugins" = Battlelog Web Plugins
"Canon MG4200 series On-screen Manual" = Canon MG4200 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"ČJ1 - Pravopis (doporučená instalace)" = ČJ1 - Pravopis (doporučená instalace)
"ČJ3 - Diktáty (doporučená instalace)" = ČJ3 - Diktáty (doporučená instalace)
"d4cfeebc-b821-40b7-9f81-d366b1466f03_is1" = Horizon v2.5.9.0
"Dětský koutek 3 (plná instalace)" = Dětský koutek 3 (plná instalace)
"EaseUS Data Recovery Wizard 6.0_is1" = EaseUS Data Recovery Wizard 6.0
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"JAFSetup" = JAF Setup
"JetDownloader" = Jet Downloader
"LinuxLive USB Creator" = LinuxLive USB Creator
"Matematika 1-4 (minimální instalace)" = Matematika 1-4 (minimální instalace)
"Microsoft Xbox 360 SDK" = Microsoft Xbox 360 SDK 2.0.21173.4
"Mozilla Firefox 25.0.1 (x86 cs)" = Mozilla Firefox 25.0.1 (x86 cs)
"nLite_is1" = nLite 1.4.9.3
"PartyCasino" = PartyCasino
"PartyPoker" = partypoker
"PE Builder_is1" = PE Builder 3.1.10a
"PowerISO" = PowerISO
"Registrace uživatele zařízení Canon MG4200 series" = Registrace uživatele zařízení Canon MG4200 series
"TS Český jazyk - Vyjmenovaná slova (instalace na disk)" = TS Český jazyk - Vyjmenovaná slova (instalace na disk)
"TS Matematika 5 (instalace na disk)" = TS Matematika 5 (instalace na disk)
"TS Matematika pro prvňáčky 1, verze pro interaktivní tabule (instalace na disk)" = TS Matematika pro prvňáčky 1, verze pro interaktivní tabule (instalace na disk)
"TS Matematika pro prvňáčky 2, verze pro interaktivní tabule (instalace na disk)" = TS Matematika pro prvňáčky 2, verze pro interaktivní tabule (instalace na disk)
"TS Vlastivěda 1 (doporučená instalace)" = TS Vlastivěda 1 (doporučená instalace)
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"TweakNow PowerPack_is1" = TweakNow PowerPack
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.3
"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter
"WinHex" = WinHex
"XPort 360_is1" = XPort 360
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RT 7 Lite x64" = RT 7 Lite (64-Bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.12.2013 8:36:07 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x000000000003300d
ID
chybujícího procesu: 0xd50 Čas spuštění chybující aplikace: 0x01cefb2313b985b8 Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: cc9e3ef3-6717-11e3-8cfd-00241dbfc857
Error - 17.12.2013 8:36:07 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 17.12.2013 8:46:59 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: lsm.exe, verze: 6.1.7601.17514, časové razítko:
0x4ce7abf0 Název chybujícího modulu: RPCRT4.dll, verze: 6.1.7601.18205, časové razítko:
0x51dba4dc Kód výjimky: 0xc0000006 Posun chyby: 0x000000000001ace5 ID chybujícího
procesu: 0x2a0 Čas spuštění chybující aplikace: 0x01cefb230941ca38 Cesta k chybující
aplikaci: C:\Windows\system32\lsm.exe Cesta k chybujícímu modulu: C:\Windows\system32\RPCRT4.dll
ID
zprávy: 512dc559-6719-11e3-8cfd-00241dbfc857
Error - 17.12.2013 8:46:59 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Local Session Manager Service. Program:
Local Session Manager Service Soubor: Hodnota chyby je uvedena v části Další údaje.
Akce
uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém, který se při
novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze získat přístup
a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k problému se sítí
a zda lze server kontaktovat. - Je na vyměnitelném disku (například disketě nebo
disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte a
opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 17.12.2013 8:47:02 | Computer Name = HOME-PC | Source = Wininit | ID = 1015
Description = Došlo k selhání kritického systémového procesu C:\Windows\system32\lsm.exe
se stavovým kódem 255. Počítač je nyní nutné restartovat.
Error - 18.12.2013 6:00:06 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x0000000000072967
ID
chybujícího procesu: 0x970 Čas spuštění chybující aplikace: 0x01cefbd5ef8a1d17 Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: 2b284e15-67cb-11e3-8785-00241dbfc857
Error - 18.12.2013 6:00:06 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 18.12.2013 9:12:10 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x00000000000604a9
ID
chybujícího procesu: 0x9d4 Čas spuštění chybující aplikace: 0x01cefbf169bc6a72 Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: 003886ff-67e6-11e3-b80b-00241dbfc857
Error - 18.12.2013 9:12:10 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
Error - 18.12.2013 9:37:32 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WinDefend, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: mpengine.dll, verze: 1.1.10100.0,
časové razítko: 0x527c55db Kód výjimky: 0xc0000006 Posun chyby: 0x0000000000043a22
ID
chybujícího procesu: 0xc3c Čas spuštění chybující aplikace: 0x01cefbf502c05d5b Cesta
k chybující aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu:
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0760870E-5510-472B-A725-AAC42B2DA60E}\mpengine.dll
ID
zprávy: 8b2cff4b-67e9-11e3-b44f-00241dbfc857
Error - 18.12.2013 9:37:32 | Computer Name = HOME-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Host Process for Windows Services. Program:
Host Process for Windows Services Soubor: Hodnota chyby je uvedena v části Další
údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný problém,
který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru stále nelze
získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k
problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku (například
disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače. 3. Zkontrolujte
a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete
na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK.
Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud
potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda lze otevřít jiné
soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný
disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí
o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 0
[ System Events ]
Error - 18.12.2013 9:27:52 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba Conexant's BtPCI WDM Video Capture (AMD64) neuspěla při spuštění
v důsledku následující chyby: %%577
Error - 18.12.2013 9:28:40 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 18.12.2013 9:28:53 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7034
Description = Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 18.12.2013 9:29:00 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7034
Description = Služba Folder Size byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 18.12.2013 9:37:16 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:42 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:46 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:52 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:37:58 | Computer Name = HOME-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error - 18.12.2013 9:38:07 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Defender byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
< End of report >
Re: Kontrola logu
OTL logfile created on: 18.12.2013 14:30:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomaz\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,65 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 36,88% Memory free
1,84 Gb Paging File | 0,54 Gb Available in Paging File | 29,16% Paging File free
Paging file location(s): c:\pagefile.sys 160 2538d:\pagefi [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,57 Gb Total Space | 5,71 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive D: | 199,00 Mb Total Space | 108,57 Mb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive E: | 195,21 Gb Total Space | 39,80 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 465,46 Gb Total Space | 465,36 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive J: | 99,02 Mb Total Space | 84,87 Mb Free Space | 85,71% Space Free | Partition Type: FAT32
Computer Name: HOME-PC | User Name: Thomaz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.12.18 14:12:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thomaz\Desktop\OTL.exe
PRC - [2013.11.14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.03.02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
========== Modules (No Company Name) ==========
MOD - [2013.11.14 12:29:31 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll
MOD - [2013.11.14 12:29:29 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
MOD - [2013.11.14 12:28:37 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
MOD - [2013.11.14 12:28:36 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
MOD - [2013.11.14 12:28:34 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.02.13 00:36:28 | 000,163,840 | ---- | M] (Brio) [Auto | Stopped] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 02:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV:64bit: - [2008.11.25 01:45:14 | 000,072,344 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2013.11.26 10:51:19 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.19 12:10:58 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\MSO2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.11.01 15:10:16 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.10.23 15:11:22 | 000,129,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2013.02.14 18:12:54 | 000,421,248 | ---- | M] (Illusion & Hope. Porting to AMD64 by Sergey Sakharov.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\BT848.sys -- (BT848)
DRV:64bit: - [2012.11.15 01:57:04 | 010,629,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.25 14:04:40 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.11.25 14:04:40 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.08.17 10:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.08.17 10:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.06.25 15:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.02.01 13:18:40 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009.11.01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.07.14 00:35:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psxdrv.sys -- (PsxDrv)
DRV:64bit: - [2009.06.10 21:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.06.16 14:40:02 | 000,007,168 | ---- | M] (Promethean) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activmouse.sys -- (prmvmouse)
DRV:64bit: - [2008.06.16 14:39:56 | 000,065,536 | ---- | M] (Promethean) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activhidsermini.sys -- (ActivHidSerMini)
DRV - [2013.12.18 14:27:52 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.09.18 16:02:02 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.seznam.cz
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 26 70 9A F5 DA CA 01 [binary data]
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\..\SearchScopes,DefaultScope = {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = http://www.google.com/custom?q={searchT ... BFORID%3A1
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - user.js..browser.startup.homepage: "http://search.us.com/v/2/?guid={48207CB ... }&serpv=17"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Thomaz\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
[2010.02.01 17:56:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomaz\AppData\Roaming\Mozilla\Extensions
[2013.11.28 15:39:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomaz\AppData\Roaming\Mozilla\Firefox\Profiles\0f8zext3.default\extensions
[2012.05.25 16:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Thomaz\AppData\Roaming\Mozilla\Firefox\Profiles\0f8zext3.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: npAPI Plugin (Enabled) = C:\Users\Thomaz\AppData\Local\TNT2\2.0.0.1599\npTNT2.dll
CHR - plugin: npAPI Ghost Plugin (Enabled) = C:\Users\Thomaz\AppData\Local\TNT2\2.0.0.1599\npTNT2ghost.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - Extension: YouTube = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: I \u003C3 House Music = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbihiclmkdmbnihofkkhlmdefkclbfkj\1_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MSO2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000..\Run: [A9476D6375887E276D5141E740DED5D734FD79AE._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000..\Run: [Facebook Update] C:\Users\Thomaz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 01 00 00 00 [binary data]
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - E:\MSO2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - E:\MSO2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSO2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSO2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MSO2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5342CF02-BCF7-48A7-9189-FD9008B83569}: DhcpNameServer = 94.74.192.252 94.74.192.244
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D05DF42D-D9C0-433D-906C-113503B1D3A1}: DhcpNameServer = 94.74.192.252 94.74.192.244
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MSO2007\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\MSO2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.12.18 14:12:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Thomaz\Desktop\OTL.exe
[2013.12.18 11:05:57 | 000,000,000 | ---D | C] -- C:\Boot
[2013.12.16 10:14:27 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ODEON
[2013.12.16 10:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODEON
[2013.12.16 10:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2013.12.16 10:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ODEON
[2013.12.10 22:54:20 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Your Freedom
[2013.12.08 20:56:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RT 7 Lite
[2013.12.08 20:56:00 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
[2013.12.08 20:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\Rockers Team
[2013.12.08 19:33:34 | 000,000,000 | ---D | C] -- C:\Intel
[2013.12.08 17:32:52 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2013.12.08 17:32:13 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Facebook
[2013.12.06 16:31:10 | 332,021,496 | ---- | C] (Microsoft Corporation) -- C:\WSSP1.exe
[2013.12.06 15:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashBoot
[2013.12.06 15:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\FlashBoot
[2013.12.05 19:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE Builder
[2013.12.05 19:25:17 | 000,000,000 | ---D | C] -- C:\pebuilder
[2013.12.03 16:19:30 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2013.12.03 16:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinuxLive USB Creator
[2013.12.01 16:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
[2013.12.01 16:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\nLite
[2013.12.01 13:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefox
[2013.12.01 12:34:58 | 000,000,000 | ---D | C] -- C:\rsit
[2013.11.29 18:40:11 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Malwarebytes
[2013.11.29 18:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.11.29 18:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\FolderSize
[2013.11.29 17:24:27 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\ElevatedDiagnostics
[2013.11.29 16:50:16 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\VirtualBox VMs
[2013.11.29 16:47:50 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\.VirtualBox
[2013.11.29 16:46:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.11.28 21:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SUA
[2013.11.28 21:29:03 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsystem for UNIX-based Applications
[2013.11.28 21:12:19 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2013.11.28 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2013.11.27 15:17:49 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Apps
[2013.11.27 15:13:29 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\File Viewer
[2013.11.27 14:54:57 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.11.27 14:54:57 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.11.27 14:54:57 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.11.27 14:54:57 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.11.27 14:54:55 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.11.27 14:54:55 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.11.27 14:54:55 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.11.27 14:54:55 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.11.27 14:54:54 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.11.27 14:54:54 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.11.27 14:54:54 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.11.27 14:54:54 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.11.27 14:54:54 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.11.27 14:54:54 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.11.27 14:54:54 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.11.27 14:54:54 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.11.27 14:54:53 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.11.27 14:54:53 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.11.27 14:54:53 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.11.27 14:54:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.11.27 14:54:52 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.11.27 14:54:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.11.27 14:54:52 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.11.27 14:54:52 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.11.27 14:54:49 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.11.27 14:54:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.11.27 14:54:48 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.11.27 14:54:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.11.27 14:54:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.11.27 14:54:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.11.27 14:54:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.11.27 14:54:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.11.27 14:54:45 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.11.27 14:54:45 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013.11.27 14:54:45 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.11.27 14:54:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013.11.27 14:54:45 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.11.27 14:54:45 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.11.27 14:54:44 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.11.27 14:54:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.11.27 14:54:44 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.11.27 14:54:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.11.27 14:54:43 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.11.27 14:54:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.11.27 14:54:43 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.11.27 14:54:43 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.11.27 14:54:43 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.11.27 14:54:43 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.11.27 14:54:42 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.11.27 14:54:42 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.11.27 14:54:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.11.27 14:54:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.11.27 14:54:41 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.11.27 14:54:41 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.11.27 14:54:41 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.11.27 14:54:41 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.11.27 14:54:41 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.11.27 14:54:41 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.11.27 14:54:40 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.11.27 14:54:40 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.11.27 14:54:40 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.11.27 14:54:40 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.11.27 14:54:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.11.27 14:54:39 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.11.27 14:54:39 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.11.27 14:54:39 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.11.27 14:54:38 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.11.27 14:54:38 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.11.27 14:54:38 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.11.27 14:54:38 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.11.27 14:54:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.11.27 14:54:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.11.27 14:54:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.11.27 14:54:38 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.11.27 14:54:38 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.11.27 14:54:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.11.27 14:54:37 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.11.27 14:54:37 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.11.27 14:54:37 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.11.27 14:54:37 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.11.27 14:54:37 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.11.27 14:54:37 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.11.27 14:54:35 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.11.27 14:54:35 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.11.27 14:54:35 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.11.27 14:54:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.11.27 14:54:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.11.27 14:54:35 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.11.27 14:54:35 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.11.27 14:54:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.11.27 14:54:34 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.11.27 14:54:34 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.11.27 14:54:33 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.11.27 14:54:33 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.11.27 14:54:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.11.27 14:54:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.11.27 14:54:32 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.11.27 14:54:32 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.11.27 14:54:30 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.11.27 14:54:30 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.11.27 14:54:30 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.11.27 14:54:30 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.11.27 14:54:29 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.11.27 14:54:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.11.27 14:54:27 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.11.27 14:54:27 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.11.27 14:54:26 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.11.27 14:54:26 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.11.27 14:54:26 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.11.27 14:54:26 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.11.27 14:54:26 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.11.27 14:54:26 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.11.27 14:54:26 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.11.27 14:54:26 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.11.27 14:54:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.11.27 14:54:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.11.27 14:54:26 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.11.27 14:54:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.11.27 14:54:25 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.11.27 14:54:25 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.11.27 14:54:24 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.11.27 14:54:24 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.11.27 14:54:24 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.11.27 14:54:24 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.11.27 14:54:24 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.11.27 14:54:24 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.11.27 14:54:24 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.11.27 14:54:24 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.11.27 14:54:24 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.11.27 14:54:24 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.11.27 14:54:24 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.11.27 14:54:24 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.11.27 14:54:23 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.11.27 14:54:23 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.11.27 14:54:23 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.11.27 14:54:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.11.27 14:54:23 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.11.27 14:54:23 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.11.27 14:54:22 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.11.27 14:54:22 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.11.27 14:54:21 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.11.27 14:54:21 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.11.27 14:54:20 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.11.27 14:54:20 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.11.27 14:54:20 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.11.27 14:54:20 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.11.27 14:54:19 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.11.27 14:54:19 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.11.27 14:54:18 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.11.27 14:54:18 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.11.27 14:54:18 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.11.27 14:54:18 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.11.27 14:54:18 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.11.27 14:54:18 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.11.27 14:54:18 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.11.27 14:54:18 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.11.27 14:54:17 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.11.27 14:54:17 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.11.27 14:54:16 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.11.27 14:54:16 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.11.27 14:54:16 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.11.27 14:54:16 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.11.27 14:54:14 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.11.27 14:54:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.11.27 14:54:11 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.11.27 14:54:06 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.11.27 14:54:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.11.27 14:54:06 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.11.27 14:54:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.11.27 14:54:04 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.11.27 14:54:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.11.27 14:54:02 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.11.27 14:54:02 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.11.27 14:54:01 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.11.27 14:54:01 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.11.27 14:54:00 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.11.27 14:54:00 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.11.27 14:54:00 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.11.27 14:54:00 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.11.27 14:53:53 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.11.27 14:53:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.11.27 14:50:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.11.27 14:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2013.11.27 14:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2013.11.27 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\Documents\Visual Studio 2005
[2013.11.27 14:47:25 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Programs
[2013.11.27 13:35:58 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\Documents\DVDFab
[2013.11.27 13:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.11.27 13:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.11.27 12:52:55 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013.11.27 12:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2013.11.26 18:40:11 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Modern_Warfare_3_SaveGame
[2013.11.26 18:24:55 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\_
[2013.11.26 18:20:02 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Daring_Development_Inc
[2013.11.25 19:02:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.11.25 18:59:08 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Microsoft Help
[2013.11.25 17:41:17 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Mozilla
[2013.11.24 12:32:23 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\ESN
[2013.11.23 20:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013.11.23 19:02:12 | 003,787,820 | ---- | C] (XB36Hazard) -- C:\Users\Thomaz\Documents\Updater.exe
[2013.11.21 13:42:47 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\PowerISO
[2013.11.21 13:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013.11.21 13:40:12 | 000,129,944 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2013.11.21 13:40:12 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2013.11.21 13:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinHex
[2013.11.20 17:01:33 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Ulozto File Manager
[2013.11.20 17:01:33 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\Documents\Ulozto
[2013.11.20 17:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulož.to File Manager
[2013.11.20 17:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ulozto File Manager
[2013.11.20 16:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 6.0
[2013.11.20 16:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2013.11.19 18:08:06 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack 2012
[2013.11.19 18:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakNow PowerPack
[2013.11.19 18:08:05 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack
[2013.11.19 18:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow PowerPack
[2013.11.19 12:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Team360h
[2013.11.19 12:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iso2God
[2013.11.18 20:19:51 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.11.18 20:19:42 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.11.18 20:19:41 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.11.18 20:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.12.18 14:31:47 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.18 14:27:52 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.12.18 14:27:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.18 14:22:51 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.18 14:22:51 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.18 14:22:35 | 014,024,704 | ---- | M] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.mdb
[2013.12.18 14:12:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thomaz\Desktop\OTL.exe
[2013.12.18 14:04:05 | 000,000,064 | ---- | M] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.ldb
[2013.12.18 10:59:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013.12.18 10:54:15 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013.12.18 10:54:09 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2013.12.17 11:37:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000UA.job
[2013.12.16 09:55:18 | 001,595,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.16 09:55:18 | 000,672,428 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.12.16 09:55:18 | 000,657,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.16 09:55:18 | 000,143,020 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.12.16 09:55:18 | 000,123,266 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.13 22:26:54 | 000,000,000 | -H-- | M] () -- C:\Users\Thomaz\Documents\Default.rdp
[2013.12.13 17:37:05 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000Core.job
[2013.12.10 17:09:10 | 000,001,057 | ---- | M] () -- C:\Users\Thomaz\AppData\Roaming\vso_ts_preview.xml
[2013.12.08 20:56:04 | 000,002,233 | ---- | M] () -- C:\Users\Thomaz\Desktop\RT 7 Lite (64-Bit).lnk
[2013.12.06 16:33:37 | 332,021,496 | ---- | M] (Microsoft Corporation) -- C:\WSSP1.exe
[2013.12.05 13:55:49 | 000,444,192 | ---- | M] () -- C:\Users\Thomaz\Documents\IMG_20131205_0002.pdf
[2013.12.05 13:54:55 | 000,443,312 | ---- | M] () -- C:\Users\Thomaz\Documents\IMG_20131205_0001.pdf
[2013.12.02 11:59:12 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.12.01 12:39:33 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe
[2013.11.29 16:48:21 | 000,000,843 | ---- | M] () -- C:\Windows\Active Setup Log.BAK
[2013.11.28 15:09:44 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.27 16:03:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.11.27 16:03:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.11.27 12:27:38 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2013.11.26 10:51:19 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.11.26 10:51:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.11.26 10:47:20 | 000,426,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.11.25 18:11:25 | 003,787,820 | ---- | M] (XB36Hazard) -- C:\Users\Thomaz\Documents\Updater.exe
[2013.11.19 12:32:02 | 018,840,240 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2013.11.18 18:49:20 | 000,045,056 | ---- | M] () -- C:\Users\Thomaz\Documents\DF6A94F96AD3FADFF8E2B346BEFCBF0754
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomaz\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,65 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 36,88% Memory free
1,84 Gb Paging File | 0,54 Gb Available in Paging File | 29,16% Paging File free
Paging file location(s): c:\pagefile.sys 160 2538d:\pagefi [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,57 Gb Total Space | 5,71 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive D: | 199,00 Mb Total Space | 108,57 Mb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive E: | 195,21 Gb Total Space | 39,80 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 465,46 Gb Total Space | 465,36 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive J: | 99,02 Mb Total Space | 84,87 Mb Free Space | 85,71% Space Free | Partition Type: FAT32
Computer Name: HOME-PC | User Name: Thomaz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.12.18 14:12:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thomaz\Desktop\OTL.exe
PRC - [2013.11.14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.03.02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
========== Modules (No Company Name) ==========
MOD - [2013.11.14 12:29:31 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll
MOD - [2013.11.14 12:29:29 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
MOD - [2013.11.14 12:28:37 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
MOD - [2013.11.14 12:28:36 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
MOD - [2013.11.14 12:28:34 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.02.13 00:36:28 | 000,163,840 | ---- | M] (Brio) [Auto | Stopped] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 02:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV:64bit: - [2008.11.25 01:45:14 | 000,072,344 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2013.11.26 10:51:19 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.19 12:10:58 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\MSO2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.11.01 15:10:16 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.10.23 15:11:22 | 000,129,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2013.02.14 18:12:54 | 000,421,248 | ---- | M] (Illusion & Hope. Porting to AMD64 by Sergey Sakharov.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\BT848.sys -- (BT848)
DRV:64bit: - [2012.11.15 01:57:04 | 010,629,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.25 14:04:40 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.11.25 14:04:40 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.08.17 10:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.08.17 10:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.06.25 15:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.02.01 13:18:40 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009.11.01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.07.14 00:35:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psxdrv.sys -- (PsxDrv)
DRV:64bit: - [2009.06.10 21:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.06.16 14:40:02 | 000,007,168 | ---- | M] (Promethean) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activmouse.sys -- (prmvmouse)
DRV:64bit: - [2008.06.16 14:39:56 | 000,065,536 | ---- | M] (Promethean) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activhidsermini.sys -- (ActivHidSerMini)
DRV - [2013.12.18 14:27:52 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.09.18 16:02:02 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.seznam.cz
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 26 70 9A F5 DA CA 01 [binary data]
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\..\SearchScopes,DefaultScope = {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = http://www.google.com/custom?q={searchT ... BFORID%3A1
IE - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - user.js..browser.startup.homepage: "http://search.us.com/v/2/?guid={48207CB ... }&serpv=17"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Thomaz\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
[2010.02.01 17:56:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomaz\AppData\Roaming\Mozilla\Extensions
[2013.11.28 15:39:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomaz\AppData\Roaming\Mozilla\Firefox\Profiles\0f8zext3.default\extensions
[2012.05.25 16:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Thomaz\AppData\Roaming\Mozilla\Firefox\Profiles\0f8zext3.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: npAPI Plugin (Enabled) = C:\Users\Thomaz\AppData\Local\TNT2\2.0.0.1599\npTNT2.dll
CHR - plugin: npAPI Ghost Plugin (Enabled) = C:\Users\Thomaz\AppData\Local\TNT2\2.0.0.1599\npTNT2ghost.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - Extension: YouTube = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: I \u003C3 House Music = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbihiclmkdmbnihofkkhlmdefkclbfkj\1_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Thomaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MSO2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000..\Run: [A9476D6375887E276D5141E740DED5D734FD79AE._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000..\Run: [Facebook Update] C:\Users\Thomaz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKU\S-1-5-21-3760612987-1245359202-2044336907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 01 00 00 00 [binary data]
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - E:\MSO2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - E:\MSO2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSO2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSO2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MSO2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5342CF02-BCF7-48A7-9189-FD9008B83569}: DhcpNameServer = 94.74.192.252 94.74.192.244
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D05DF42D-D9C0-433D-906C-113503B1D3A1}: DhcpNameServer = 94.74.192.252 94.74.192.244
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MSO2007\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\MSO2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.12.18 14:12:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Thomaz\Desktop\OTL.exe
[2013.12.18 11:05:57 | 000,000,000 | ---D | C] -- C:\Boot
[2013.12.16 10:14:27 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ODEON
[2013.12.16 10:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODEON
[2013.12.16 10:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2013.12.16 10:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ODEON
[2013.12.10 22:54:20 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Your Freedom
[2013.12.08 20:56:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RT 7 Lite
[2013.12.08 20:56:00 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
[2013.12.08 20:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\Rockers Team
[2013.12.08 19:33:34 | 000,000,000 | ---D | C] -- C:\Intel
[2013.12.08 17:32:52 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2013.12.08 17:32:13 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Facebook
[2013.12.06 16:31:10 | 332,021,496 | ---- | C] (Microsoft Corporation) -- C:\WSSP1.exe
[2013.12.06 15:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashBoot
[2013.12.06 15:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\FlashBoot
[2013.12.05 19:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE Builder
[2013.12.05 19:25:17 | 000,000,000 | ---D | C] -- C:\pebuilder
[2013.12.03 16:19:30 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2013.12.03 16:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinuxLive USB Creator
[2013.12.01 16:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
[2013.12.01 16:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\nLite
[2013.12.01 13:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefox
[2013.12.01 12:34:58 | 000,000,000 | ---D | C] -- C:\rsit
[2013.11.29 18:40:11 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Malwarebytes
[2013.11.29 18:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.11.29 18:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\FolderSize
[2013.11.29 17:24:27 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\ElevatedDiagnostics
[2013.11.29 16:50:16 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\VirtualBox VMs
[2013.11.29 16:47:50 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\.VirtualBox
[2013.11.29 16:46:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.11.28 21:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SUA
[2013.11.28 21:29:03 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsystem for UNIX-based Applications
[2013.11.28 21:12:19 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2013.11.28 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2013.11.27 15:17:49 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Apps
[2013.11.27 15:13:29 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\File Viewer
[2013.11.27 14:54:57 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.11.27 14:54:57 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.11.27 14:54:57 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.11.27 14:54:57 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.11.27 14:54:55 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.11.27 14:54:55 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.11.27 14:54:55 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.11.27 14:54:55 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.11.27 14:54:54 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.11.27 14:54:54 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.11.27 14:54:54 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.11.27 14:54:54 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.11.27 14:54:54 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.11.27 14:54:54 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.11.27 14:54:54 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.11.27 14:54:54 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.11.27 14:54:53 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.11.27 14:54:53 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.11.27 14:54:53 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.11.27 14:54:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.11.27 14:54:52 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.11.27 14:54:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.11.27 14:54:52 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.11.27 14:54:52 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.11.27 14:54:49 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.11.27 14:54:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.11.27 14:54:48 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.11.27 14:54:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.11.27 14:54:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.11.27 14:54:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.11.27 14:54:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.11.27 14:54:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.11.27 14:54:45 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.11.27 14:54:45 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013.11.27 14:54:45 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.11.27 14:54:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013.11.27 14:54:45 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.11.27 14:54:45 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.11.27 14:54:44 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.11.27 14:54:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.11.27 14:54:44 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.11.27 14:54:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.11.27 14:54:43 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.11.27 14:54:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.11.27 14:54:43 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.11.27 14:54:43 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.11.27 14:54:43 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.11.27 14:54:43 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.11.27 14:54:42 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.11.27 14:54:42 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.11.27 14:54:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.11.27 14:54:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.11.27 14:54:41 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.11.27 14:54:41 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.11.27 14:54:41 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.11.27 14:54:41 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.11.27 14:54:41 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.11.27 14:54:41 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.11.27 14:54:40 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.11.27 14:54:40 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.11.27 14:54:40 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.11.27 14:54:40 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.11.27 14:54:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.11.27 14:54:39 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.11.27 14:54:39 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.11.27 14:54:39 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.11.27 14:54:38 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.11.27 14:54:38 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.11.27 14:54:38 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.11.27 14:54:38 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.11.27 14:54:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.11.27 14:54:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.11.27 14:54:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.11.27 14:54:38 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.11.27 14:54:38 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.11.27 14:54:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.11.27 14:54:37 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.11.27 14:54:37 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.11.27 14:54:37 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.11.27 14:54:37 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.11.27 14:54:37 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.11.27 14:54:37 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.11.27 14:54:35 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.11.27 14:54:35 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.11.27 14:54:35 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.11.27 14:54:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.11.27 14:54:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.11.27 14:54:35 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.11.27 14:54:35 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.11.27 14:54:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.11.27 14:54:34 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.11.27 14:54:34 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.11.27 14:54:33 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.11.27 14:54:33 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.11.27 14:54:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.11.27 14:54:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.11.27 14:54:32 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.11.27 14:54:32 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.11.27 14:54:30 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.11.27 14:54:30 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.11.27 14:54:30 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.11.27 14:54:30 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.11.27 14:54:29 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.11.27 14:54:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.11.27 14:54:27 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.11.27 14:54:27 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.11.27 14:54:26 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.11.27 14:54:26 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.11.27 14:54:26 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.11.27 14:54:26 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.11.27 14:54:26 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.11.27 14:54:26 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.11.27 14:54:26 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.11.27 14:54:26 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.11.27 14:54:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.11.27 14:54:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.11.27 14:54:26 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.11.27 14:54:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.11.27 14:54:25 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.11.27 14:54:25 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.11.27 14:54:24 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.11.27 14:54:24 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.11.27 14:54:24 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.11.27 14:54:24 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.11.27 14:54:24 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.11.27 14:54:24 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.11.27 14:54:24 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.11.27 14:54:24 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.11.27 14:54:24 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.11.27 14:54:24 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.11.27 14:54:24 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.11.27 14:54:24 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.11.27 14:54:23 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.11.27 14:54:23 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.11.27 14:54:23 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.11.27 14:54:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.11.27 14:54:23 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.11.27 14:54:23 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.11.27 14:54:22 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.11.27 14:54:22 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.11.27 14:54:21 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.11.27 14:54:21 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.11.27 14:54:20 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.11.27 14:54:20 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.11.27 14:54:20 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.11.27 14:54:20 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.11.27 14:54:19 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.11.27 14:54:19 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.11.27 14:54:18 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.11.27 14:54:18 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.11.27 14:54:18 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.11.27 14:54:18 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.11.27 14:54:18 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.11.27 14:54:18 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.11.27 14:54:18 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.11.27 14:54:18 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.11.27 14:54:17 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.11.27 14:54:17 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.11.27 14:54:16 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.11.27 14:54:16 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.11.27 14:54:16 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.11.27 14:54:16 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.11.27 14:54:14 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.11.27 14:54:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.11.27 14:54:11 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.11.27 14:54:06 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.11.27 14:54:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.11.27 14:54:06 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.11.27 14:54:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.11.27 14:54:04 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.11.27 14:54:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.11.27 14:54:02 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.11.27 14:54:02 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.11.27 14:54:01 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.11.27 14:54:01 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.11.27 14:54:00 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.11.27 14:54:00 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.11.27 14:54:00 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.11.27 14:54:00 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.11.27 14:53:53 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.11.27 14:53:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.11.27 14:50:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.11.27 14:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2013.11.27 14:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2013.11.27 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\Documents\Visual Studio 2005
[2013.11.27 14:47:25 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Programs
[2013.11.27 13:35:58 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\Documents\DVDFab
[2013.11.27 13:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.11.27 13:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.11.27 12:52:55 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013.11.27 12:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2013.11.26 18:40:11 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Modern_Warfare_3_SaveGame
[2013.11.26 18:24:55 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\_
[2013.11.26 18:20:02 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Daring_Development_Inc
[2013.11.25 19:02:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.11.25 18:59:08 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Microsoft Help
[2013.11.25 17:41:17 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\Mozilla
[2013.11.24 12:32:23 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Local\ESN
[2013.11.23 20:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013.11.23 19:02:12 | 003,787,820 | ---- | C] (XB36Hazard) -- C:\Users\Thomaz\Documents\Updater.exe
[2013.11.21 13:42:47 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\PowerISO
[2013.11.21 13:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013.11.21 13:40:12 | 000,129,944 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2013.11.21 13:40:12 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2013.11.21 13:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinHex
[2013.11.20 17:01:33 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\Ulozto File Manager
[2013.11.20 17:01:33 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\Documents\Ulozto
[2013.11.20 17:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulož.to File Manager
[2013.11.20 17:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ulozto File Manager
[2013.11.20 16:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 6.0
[2013.11.20 16:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2013.11.19 18:08:06 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack 2012
[2013.11.19 18:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakNow PowerPack
[2013.11.19 18:08:05 | 000,000,000 | ---D | C] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack
[2013.11.19 18:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow PowerPack
[2013.11.19 12:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Team360h
[2013.11.19 12:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iso2God
[2013.11.18 20:19:51 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.11.18 20:19:42 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.11.18 20:19:41 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.11.18 20:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.12.18 14:31:47 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.18 14:27:52 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.12.18 14:27:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.18 14:22:51 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.18 14:22:51 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.18 14:22:35 | 014,024,704 | ---- | M] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.mdb
[2013.12.18 14:12:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thomaz\Desktop\OTL.exe
[2013.12.18 14:04:05 | 000,000,064 | ---- | M] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.ldb
[2013.12.18 10:59:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013.12.18 10:54:15 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013.12.18 10:54:09 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2013.12.17 11:37:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000UA.job
[2013.12.16 09:55:18 | 001,595,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.16 09:55:18 | 000,672,428 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.12.16 09:55:18 | 000,657,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.16 09:55:18 | 000,143,020 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.12.16 09:55:18 | 000,123,266 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.13 22:26:54 | 000,000,000 | -H-- | M] () -- C:\Users\Thomaz\Documents\Default.rdp
[2013.12.13 17:37:05 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000Core.job
[2013.12.10 17:09:10 | 000,001,057 | ---- | M] () -- C:\Users\Thomaz\AppData\Roaming\vso_ts_preview.xml
[2013.12.08 20:56:04 | 000,002,233 | ---- | M] () -- C:\Users\Thomaz\Desktop\RT 7 Lite (64-Bit).lnk
[2013.12.06 16:33:37 | 332,021,496 | ---- | M] (Microsoft Corporation) -- C:\WSSP1.exe
[2013.12.05 13:55:49 | 000,444,192 | ---- | M] () -- C:\Users\Thomaz\Documents\IMG_20131205_0002.pdf
[2013.12.05 13:54:55 | 000,443,312 | ---- | M] () -- C:\Users\Thomaz\Documents\IMG_20131205_0001.pdf
[2013.12.02 11:59:12 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.12.01 12:39:33 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe
[2013.11.29 16:48:21 | 000,000,843 | ---- | M] () -- C:\Windows\Active Setup Log.BAK
[2013.11.28 15:09:44 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.27 16:03:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.11.27 16:03:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.11.27 12:27:38 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2013.11.26 10:51:19 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.11.26 10:51:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.11.26 10:47:20 | 000,426,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.11.25 18:11:25 | 003,787,820 | ---- | M] (XB36Hazard) -- C:\Users\Thomaz\Documents\Updater.exe
[2013.11.19 12:32:02 | 018,840,240 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2013.11.18 18:49:20 | 000,045,056 | ---- | M] () -- C:\Users\Thomaz\Documents\DF6A94F96AD3FADFF8E2B346BEFCBF0754
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
Re: Kontrola logu
========== Files Created - No Company Name ==========
[2013.12.18 14:23:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.18 14:04:03 | 000,000,064 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.ldb
[2013.12.18 10:58:16 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2013.12.13 22:26:54 | 000,000,000 | -H-- | C] () -- C:\Users\Thomaz\Documents\Default.rdp
[2013.12.10 16:38:21 | 000,001,057 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\vso_ts_preview.xml
[2013.12.08 20:56:04 | 000,002,233 | ---- | C] () -- C:\Users\Thomaz\Desktop\RT 7 Lite (64-Bit).lnk
[2013.12.08 17:32:28 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000UA.job
[2013.12.08 17:32:18 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000Core.job
[2013.12.05 13:55:48 | 000,444,192 | ---- | C] () -- C:\Users\Thomaz\Documents\IMG_20131205_0002.pdf
[2013.12.05 13:54:54 | 000,443,312 | ---- | C] () -- C:\Users\Thomaz\Documents\IMG_20131205_0001.pdf
[2013.12.01 13:39:37 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.12.01 13:39:36 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.12.01 12:39:30 | 000,935,175 | ---- | C] () -- C:\RSITx64.exe
[2013.11.29 16:26:44 | 000,000,843 | ---- | C] () -- C:\Windows\Active Setup Log.BAK
[2013.11.27 16:03:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.11.27 16:03:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.11.27 14:55:53 | 014,024,704 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.mdb
[2013.11.21 13:31:39 | 000,001,013 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinHex.lnk
[2013.11.19 12:30:32 | 018,840,240 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2013.11.18 20:19:36 | 000,002,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.11.18 18:49:20 | 000,045,056 | ---- | C] () -- C:\Users\Thomaz\Documents\DF6A94F96AD3FADFF8E2B346BEFCBF0754
[2013.07.29 19:07:48 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2013.03.16 21:12:34 | 000,007,598 | ---- | C] () -- C:\Users\Thomaz\AppData\Local\Resmon.ResmonCfg
[2013.03.16 21:08:24 | 000,000,374 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.02.14 17:11:37 | 000,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll
[2013.01.30 10:34:32 | 000,019,109 | ---- | C] () -- C:\Windows\hpqins13.dat
[2012.03.16 18:21:39 | 001,564,292 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.26 16:43:12 | 000,003,584 | ---- | C] () -- C:\Users\Thomaz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.09.28 12:11:04 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\Canon
[2012.10.07 14:48:40 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\TuneUp Software
[2013.12.08 12:05:30 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\TweakNow PowerPack
[2011.12.07 13:06:44 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\Vso
[2011.12.22 08:08:07 | 000,000,000 | ---D | M] -- C:\Users\Pepa.Thomaz-PC\AppData\Roaming\DVDFab
[2012.10.25 20:40:44 | 000,000,000 | ---D | M] -- C:\Users\Pepa.Thomaz-PC\AppData\Roaming\TuneUp Software
[2012.02.05 11:18:38 | 000,000,000 | ---D | M] -- C:\Users\Pepa.Thomaz-PC\AppData\Roaming\Vso
[2013.10.13 22:44:37 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Canon
[2013.11.17 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Datel
[2012.01.26 19:01:20 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\DVDFab
[2013.11.03 18:53:09 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\GruntMods
[2013.12.17 13:27:46 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\HD Tune Pro
[2011.12.12 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\ImgBurn
[2013.11.21 13:42:47 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\PowerISO
[2012.10.07 12:02:52 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TuneUp Software
[2013.11.19 18:08:05 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack
[2013.11.19 18:08:06 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack 2012
[2013.11.20 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Ulozto File Manager
[2013.12.03 20:35:28 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\uTorrent
[2013.12.10 17:09:11 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Vso
[2010.12.16 20:59:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\WinAVI
[2010.12.27 14:04:07 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,548 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.05.07 19:22:55 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.12.08 17:32:18 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000Core.job
[2013.12.08 17:32:28 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000UA.job
< >
< MD5 for: AGP440.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:AGP440.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:AGP440.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:atapi.sys
[2013.12.08 20:02:53 | 010,174,968 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp1.cab:atapi.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:atapi.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\pebuilder\BartPE\i386\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2005.03.24 18:34:40 | 000,609,792 | ---- | M] (Microsoft Corporation) MD5=45154441A6D9F833490A50320A2AC1B3 -- C:\Programs\i386\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\pebuilder\BartPE\i386\system32\autochk.exe
[2013.12.08 20:01:09 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\AUTOCHK.EXE
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:cdrom.sys
[2013.12.08 20:02:53 | 010,174,968 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp1.cab:cdrom.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:cdrom.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\pebuilder\BartPE\i386\system32\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.10.05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2013.05.10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\pebuilder\BartPE\i386\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:hal.dll
[2013.12.08 20:02:53 | 010,174,968 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp1.cab:hal.dll
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:hal.dll
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:hal.dll
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\pebuilder\BartPE\i386\system32\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: CHANGER.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:Changer.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:Changer.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:Changer.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\pebuilder\BartPE\i386\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\SoftwareDistribution\Download\142cee68d348d7f371efb2bd1148f547\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\SoftwareDistribution\Download\83ae008fb8f8a5807ec9c49ce6e5aff9\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\pebuilder\BartPE\i386\system32\lsass.exe
[2013.09.25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\pebuilder\BartPE\i386\system32\drivers\ndis.sys
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\pebuilder\BartPE\i386\system32\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\pebuilder\BartPE\i386\system32\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\pebuilder\BartPE\i386\system32\smss.exe
[2013.08.29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.12.08 20:03:01 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\pebuilder\BartPE\i386\system32\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: SYMMPI.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:symmpi.sys
< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\pebuilder\BartPE\i386\system32\drivers\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\pebuilder\BartPE\i386\system32\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\pebuilder\BartPE\i386\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\pebuilder\BartPE\i386\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[19 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4449 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2013.12.01 12:39:33 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe
[2013.12.06 16:33:37 | 332,021,496 | ---- | M] (Microsoft Corporation) -- C:\WSSP1.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.08 18:07:32 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Adobe
[2010.01.18 09:46:45 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\AdobeUM
[2013.10.29 16:33:51 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Apple Computer
[2013.02.14 17:08:22 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\ArcSoft
[2013.10.13 22:44:37 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Canon
[2013.11.17 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Datel
[2012.01.26 19:01:20 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\DVDFab
[2013.11.03 18:53:09 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\GruntMods
[2013.12.17 13:27:46 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\HD Tune Pro
[2011.12.12 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\ImgBurn
[2013.02.13 19:33:33 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\InstallShield
[2011.01.11 19:05:01 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Macromedia
[2013.11.29 18:40:11 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Media Center Programs
[2013.11.27 14:49:27 | 000,000,000 | --SD | M] -- C:\Users\Thomaz\AppData\Roaming\Microsoft
[2010.02.01 17:56:41 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Mozilla
[2012.11.09 12:30:45 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Nero
[2013.11.21 13:42:47 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\PowerISO
[2012.10.07 12:02:52 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TuneUp Software
[2013.11.19 18:08:05 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack
[2013.11.19 18:08:06 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack 2012
[2013.11.20 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Ulozto File Manager
[2013.12.03 20:35:28 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\uTorrent
[2013.12.13 22:30:15 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\vlc
[2013.12.10 17:09:11 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Vso
[2010.12.16 20:59:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\WinAVI
[2010.02.01 13:15:32 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\WinRAR
[2010.12.27 14:04:07 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2013.11.27 12:52:55 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2013.05.01 19:15:12 | 000,010,134 | R--- | M] () -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2013.12.08 20:56:02 | 000,370,070 | R--- | M] () -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Installer\{DDEBB7D6-671C-468D-98EB-EF9F1A1BC524}\RTWin7Lite.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2013.12.01 12:39:33 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe
[2013.12.06 16:33:37 | 332,021,496 | ---- | M] (Microsoft Corporation) -- C:\WSSP1.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"A9476D6375887E276D5141E740DED5D734FD79AE._service_run" = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service -- [2013.11.14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
"Facebook Update" = "C:\Users\Thomaz\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.12.08 17:32:13 | 000,138,096 | ---- | M] (Facebook Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.18 14:31:47 | 000,000,512 | ---- | M] () MD5=A5ADF6A5843E5BFEAA50024E99D10BB9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013.11.05 20:50:08 | 000,001,197 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2013.11.18 09:36:22 | 000,001,371 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjackcommon.30e8e1c899235111d3b1b84c91bce0ae.inf
[2013.11.18 09:36:22 | 000,013,434 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjackcommon.b4fc0002a0c341b1251a31ea5012f803.inf
[2013.10.04 05:33:16 | 000,002,967 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\flashlobby\lobby\safecrackerkeno.swf
[2013.10.04 05:33:26 | 000,012,201 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\flashlobby\lobby\safecrackerkeno_popup.swf
[2013.11.05 20:50:08 | 000,001,197 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2013.11.18 09:36:22 | 000,001,371 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjackcommon.30e8e1c899235111d3b1b84c91bce0ae.inf
[2013.11.18 09:36:22 | 000,013,434 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjackcommon.b4fc0002a0c341b1251a31ea5012f803.inf
< *keygen* /s >
[2012.12.05 01:11:22 | 000,391,168 | ---- | M] () -- \Program Files (x86)\WinHex\keygen.exe
[2009.12.15 09:55:18 | 000,104,960 | ---- | M] () -- \Users\Pepa.Thomaz-PC\Desktop\WinRAR.v3.92.b.(x32.x64)\WinRAR.v3.92.b.(x32.x64)\CORE.keygen.exe
< *AntiWPA* /s >
< *loader* /s >
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2006.10.26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2013.09.25 08:03:42 | 000,048,315 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Cashier\WebDialog\cashier_loader.mng
[2013.09.25 08:03:42 | 000,015,895 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2008.07.23 22:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_INTEL_1.adl
[2008.07.23 22:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_SAMSUNG_1.adl
[2008.07.23 22:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_INTEL_2.adl
[2008.07.23 22:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_SAMSUNG_2.adl
[2010.01.23 14:44:40 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2009.04.30 07:00:40 | 000,000,073 | ---- | M] () -- \Program Files\XB360 Modder v4.0\Hex Editor Neo\downloader.cdm
[2009.05.09 15:30:50 | 000,124,928 | ---- | M] () -- \Program Files\XB360 Modder v4.0\Hex Editor Neo\downloader.dll
[2013.11.05 21:06:00 | 000,024,610 | ---- | M] () -- \ProgramData\MGS\cache\a\aupreloader.12b4c77f15053633e8070474855c45b2.swf
[2013.11.05 21:06:01 | 000,127,492 | ---- | M] () -- \ProgramData\MGS\cache\a\auroraloader.61bc4d82efbf020b4dc53d7c5331d8c0.swf
[2013.11.05 20:50:28 | 000,021,364 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013.11.05 20:50:27 | 000,003,916 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013.11.05 20:50:24 | 000,000,734 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2013.11.05 20:53:12 | 000,000,305 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.6216dae748b24fc9c595db78b2b0c194.inf
[2013.11.05 20:50:24 | 000,004,554 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013.11.18 09:42:38 | 000,004,068 | ---- | M] () -- \ProgramData\MGS\cache\p\preloader.6d267f7d78e1549ee7a60bd8c1549174.swf
[2013.11.18 09:42:38 | 000,004,019 | ---- | M] () -- \ProgramData\MGS\cache\r\rubyloader.e70f8c2c44881a6d79aad738ad5297bc.swf
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2005.03.24 18:43:52 | 000,275,968 | ---- | M] () -- \Programs\i386\osloader.exe
[2013.11.12 21:06:32 | 000,001,348 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\Crypto_Preloader.swf
[2013.11.12 21:06:35 | 000,001,348 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\bejeweled\Preloader.swf
[2013.11.16 11:47:45 | 000,010,375 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\funnymoney\preloader.swf
[2013.11.16 12:00:33 | 000,203,307 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\genesplice\Preloader.swf
[2013.11.17 19:22:59 | 000,205,876 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\hawaiianmadness\preloader.swf
[2013.11.12 21:15:44 | 000,001,770 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\chainreactors\Preloader.xml
[2013.11.12 22:04:41 | 000,285,533 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\manchesterunited\preloader.swf
[2013.11.12 21:55:06 | 000,330,445 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\roadhogs\preloader.swf
[2013.11.12 22:24:18 | 000,001,665 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\supercubes\Preloader.xml
[2013.11.12 22:06:58 | 000,120,616 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\thatsmagic\preloader.swf
[2013.11.17 18:41:09 | 000,140,136 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\valkyrie\Preloader.swf
[2013.03.21 09:46:44 | 000,035,024 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Uninstall\Preloader.jpg
[2013.10.13 00:34:35 | 000,007,277 | ---- | M] () -- \Programs\PartyGaming\SmartUpgrader\Preloader.jpg
[2013.10.13 00:34:36 | 000,004,416 | ---- | M] () -- \Programs\PartyGaming\SmartUpgrader\PreloaderIEImage.JPG
[2013.11.05 21:06:00 | 000,024,610 | ---- | M] () -- \Users\All Users\MGS\cache\a\aupreloader.12b4c77f15053633e8070474855c45b2.swf
[2013.11.05 21:06:01 | 000,127,492 | ---- | M] () -- \Users\All Users\MGS\cache\a\auroraloader.61bc4d82efbf020b4dc53d7c5331d8c0.swf
[2013.11.05 20:50:28 | 000,021,364 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013.11.05 20:50:27 | 000,003,916 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013.11.05 20:50:24 | 000,000,734 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2013.11.05 20:53:12 | 000,000,305 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.6216dae748b24fc9c595db78b2b0c194.inf
[2013.11.05 20:50:24 | 000,004,554 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013.11.18 09:42:38 | 000,004,068 | ---- | M] () -- \Users\All Users\MGS\cache\p\preloader.6d267f7d78e1549ee7a60bd8c1549174.swf
[2013.11.18 09:42:38 | 000,004,019 | ---- | M] () -- \Users\All Users\MGS\cache\r\rubyloader.e70f8c2c44881a6d79aad738ad5297bc.swf
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.08.12 21:52:33 | 000,000,723 | ---- | M] () -- \Users\Pavla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Q5ZXWF0\downloaderror[1].js
[2013.08.12 21:52:33 | 000,001,174 | ---- | M] () -- \Users\Pavla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5OTN626\downloader[1].js
[2013.12.08 20:01:37 | 000,017,421 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\DMLOADER.DL_
[2013.12.08 20:02:39 | 000,115,367 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\OSLOADER.EX_
[2013.12.08 20:02:39 | 000,133,029 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\OSLOADER.NT_
[2013.12.18 14:35:22 | 000,000,412 | ---- | M] () -- \Users\Thomaz\AppData\Roaming\Microsoft\Windows\Recent\JetDownloaderSetup.zip.lnk
[2013.12.18 14:37:36 | 000,000,627 | ---- | M] () -- \Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetDownloader\JetDownloader.lnk
[2013.12.18 14:37:34 | 000,000,627 | ---- | M] () -- \Users\Thomaz\Desktop\JetDownloader.lnk
[2010.12.03 16:40:54 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.11.18 19:32:31 | 000,107,706 | ---- | M] () -- \Windows\Prefetch\GPDOWNLOADER.EXE-7C1F5765.pf
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2007.08.07 13:04:24 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2007.08.07 13:04:24 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.12.16 12:30:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.12.16 12:30:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.12.16 12:30:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.12.16 12:30:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.12.16 12:30:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
[2012.09.19 12:08:56 | 000,318,304 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\ProgramDeactivator.exe
[2012.09.19 12:10:58 | 000,112,992 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe
[2009.09.25 14:00:00 | 000,003,006 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\deinstallation_programDeactivator_40x40.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_16.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_24x24.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_32.png
[2009.09.25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_64.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel2\iconProgramDeactivator.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel6\ProgramDeactivator_16x16.png
[2013.11.18 20:19:37 | 000,002,465 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
[2013.11.18 20:19:37 | 000,002,465 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
< *serial* /s >
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \pebuilder\BartPE\i386\system32\drivers\serial.sys
[2011.11.13 20:55:50 | 000,004,232 | ---- | M] () -- \Program Files (x86)\LinuxLive USB Creator\tools\syslinux-modules\v3\serialinfo.c32
[2011.11.13 20:55:56 | 000,004,624 | ---- | M] () -- \Program Files (x86)\LinuxLive USB Creator\tools\syslinux-modules\v4\serialinfo.c32
[2013.05.13 14:14:36 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.08.08 19:09:18 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2005.10.28 15:29:20 | 000,000,592 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\EnumerateSerialPorts.snippet
[2005.10.28 15:29:20 | 000,001,178 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\ReadDatafromaSerialPort.snippet
[2005.10.28 15:29:20 | 000,001,492 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2008.07.23 23:29:16 | 000,001,581 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\JAF COM Driver\vserial.inf
[2008.07.23 23:29:16 | 000,047,744 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\JAF COM Driver\vserial.sys
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.07.01 17:53:34 | 000,010,926 | ---- | M] () -- \Program Files\Activ Software\Activdriver\activserial\XP\activserial.cat
[2008.06.16 14:39:52 | 000,005,635 | ---- | M] () -- \Program Files\Activ Software\Activdriver\activserial\XP\activserial.inf
[2013.05.13 16:04:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.08.08 19:09:46 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2005.03.24 18:04:58 | 000,029,353 | ---- | M] () -- \Programs\i386\serial.sy_
[2005.03.24 18:05:00 | 000,007,373 | ---- | M] () -- \Programs\i386\serialui.dl_
[2005.03.24 18:42:04 | 000,131,072 | ---- | M] () -- \Programs\i386\system.runtime.serialization.formatters.soap.dll
[2013.12.08 20:01:38 | 000,024,957 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\DPSERIAL.DL_
[2013.12.08 20:02:49 | 000,030,259 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\SERIAL.SY_
[2013.12.08 20:02:49 | 000,006,549 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\SERIALUI.DL_
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.02 17:36:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.02 17:37:13 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.10.02 17:51:12 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.02 17:51:51 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.10.12 10:42:24 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013.10.02 17:40:02 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.03 16:32:05 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.10.15 16:36:30 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013.10.03 16:39:59 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.10.04 15:56:00 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.04 15:59:27 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2011.06.29 02:12:44 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.10.09 12:26:09 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.29 02:12:44 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.10.09 12:26:08 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.09 12:26:13 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.09.23 07:56:56 | 000,008,007 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.xml
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2008.07.01 17:53:34 | 000,010,926 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_amd64_neutral_8ba58701de4bf7d6\activserial.cat
[2008.06.16 14:39:52 | 000,005,635 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_amd64_neutral_8ba58701de4bf7d6\activserial.inf
[2011.01.11 19:03:43 | 000,013,988 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_amd64_neutral_8ba58701de4bf7d6\activserial.PNF
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2008.07.23 23:29:16 | 000,001,581 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\vserial.inf_amd64_neutral_7d751c0cbdcc2b7a\vserial.inf
[2013.12.16 10:13:23 | 000,006,356 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\vserial.inf_amd64_neutral_7d751c0cbdcc2b7a\vserial.PNF
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.12.16 12:29:48 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.12.16 12:29:48 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 6104 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
< End of report >
[2013.12.18 14:23:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.18 14:04:03 | 000,000,064 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.ldb
[2013.12.18 10:58:16 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2013.12.13 22:26:54 | 000,000,000 | -H-- | C] () -- C:\Users\Thomaz\Documents\Default.rdp
[2013.12.10 16:38:21 | 000,001,057 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\vso_ts_preview.xml
[2013.12.08 20:56:04 | 000,002,233 | ---- | C] () -- C:\Users\Thomaz\Desktop\RT 7 Lite (64-Bit).lnk
[2013.12.08 17:32:28 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000UA.job
[2013.12.08 17:32:18 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000Core.job
[2013.12.05 13:55:48 | 000,444,192 | ---- | C] () -- C:\Users\Thomaz\Documents\IMG_20131205_0002.pdf
[2013.12.05 13:54:54 | 000,443,312 | ---- | C] () -- C:\Users\Thomaz\Documents\IMG_20131205_0001.pdf
[2013.12.01 13:39:37 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.12.01 13:39:36 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.12.01 12:39:30 | 000,935,175 | ---- | C] () -- C:\RSITx64.exe
[2013.11.29 16:26:44 | 000,000,843 | ---- | C] () -- C:\Windows\Active Setup Log.BAK
[2013.11.27 16:03:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.11.27 16:03:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.11.27 14:55:53 | 014,024,704 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\Sandra.mdb
[2013.11.21 13:31:39 | 000,001,013 | ---- | C] () -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinHex.lnk
[2013.11.19 12:30:32 | 018,840,240 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2013.11.18 20:19:36 | 000,002,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.11.18 18:49:20 | 000,045,056 | ---- | C] () -- C:\Users\Thomaz\Documents\DF6A94F96AD3FADFF8E2B346BEFCBF0754
[2013.07.29 19:07:48 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2013.03.16 21:12:34 | 000,007,598 | ---- | C] () -- C:\Users\Thomaz\AppData\Local\Resmon.ResmonCfg
[2013.03.16 21:08:24 | 000,000,374 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.02.14 17:11:37 | 000,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll
[2013.01.30 10:34:32 | 000,019,109 | ---- | C] () -- C:\Windows\hpqins13.dat
[2012.03.16 18:21:39 | 001,564,292 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.26 16:43:12 | 000,003,584 | ---- | C] () -- C:\Users\Thomaz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.09.28 12:11:04 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\Canon
[2012.10.07 14:48:40 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\TuneUp Software
[2013.12.08 12:05:30 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\TweakNow PowerPack
[2011.12.07 13:06:44 | 000,000,000 | ---D | M] -- C:\Users\Pavla\AppData\Roaming\Vso
[2011.12.22 08:08:07 | 000,000,000 | ---D | M] -- C:\Users\Pepa.Thomaz-PC\AppData\Roaming\DVDFab
[2012.10.25 20:40:44 | 000,000,000 | ---D | M] -- C:\Users\Pepa.Thomaz-PC\AppData\Roaming\TuneUp Software
[2012.02.05 11:18:38 | 000,000,000 | ---D | M] -- C:\Users\Pepa.Thomaz-PC\AppData\Roaming\Vso
[2013.10.13 22:44:37 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Canon
[2013.11.17 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Datel
[2012.01.26 19:01:20 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\DVDFab
[2013.11.03 18:53:09 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\GruntMods
[2013.12.17 13:27:46 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\HD Tune Pro
[2011.12.12 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\ImgBurn
[2013.11.21 13:42:47 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\PowerISO
[2012.10.07 12:02:52 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TuneUp Software
[2013.11.19 18:08:05 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack
[2013.11.19 18:08:06 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack 2012
[2013.11.20 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Ulozto File Manager
[2013.12.03 20:35:28 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\uTorrent
[2013.12.10 17:09:11 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Vso
[2010.12.16 20:59:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\WinAVI
[2010.12.27 14:04:07 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,548 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.05.07 19:22:55 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.12.08 17:32:18 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000Core.job
[2013.12.08 17:32:28 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3760612987-1245359202-2044336907-1000UA.job
< >
< MD5 for: AGP440.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:AGP440.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:AGP440.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:atapi.sys
[2013.12.08 20:02:53 | 010,174,968 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp1.cab:atapi.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:atapi.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\pebuilder\BartPE\i386\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2005.03.24 18:34:40 | 000,609,792 | ---- | M] (Microsoft Corporation) MD5=45154441A6D9F833490A50320A2AC1B3 -- C:\Programs\i386\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\pebuilder\BartPE\i386\system32\autochk.exe
[2013.12.08 20:01:09 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\AUTOCHK.EXE
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:cdrom.sys
[2013.12.08 20:02:53 | 010,174,968 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp1.cab:cdrom.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:cdrom.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\pebuilder\BartPE\i386\system32\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.10.05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2013.05.10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\pebuilder\BartPE\i386\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:hal.dll
[2013.12.08 20:02:53 | 010,174,968 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp1.cab:hal.dll
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:hal.dll
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:hal.dll
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\pebuilder\BartPE\i386\system32\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: CHANGER.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:Changer.sys
[2013.12.08 20:02:55 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp2.cab:Changer.sys
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:Changer.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2013.12.08 20:02:57 | 020,102,206 | ---- | M] () .cab file -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\sp3.cab:isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\pebuilder\BartPE\i386\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\SoftwareDistribution\Download\142cee68d348d7f371efb2bd1148f547\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\SoftwareDistribution\Download\83ae008fb8f8a5807ec9c49ce6e5aff9\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\pebuilder\BartPE\i386\system32\lsass.exe
[2013.09.25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\pebuilder\BartPE\i386\system32\drivers\ndis.sys
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\pebuilder\BartPE\i386\system32\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\pebuilder\BartPE\i386\system32\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\pebuilder\BartPE\i386\system32\smss.exe
[2013.08.29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.12.08 20:03:01 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\pebuilder\BartPE\i386\system32\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: SYMMPI.SYS >
[2005.03.24 18:46:12 | 014,236,855 | ---- | M] () .cab file -- C:\Programs\i386\sp1.cab:symmpi.sys
< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\pebuilder\BartPE\i386\system32\drivers\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\pebuilder\BartPE\i386\system32\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\pebuilder\BartPE\i386\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\pebuilder\BartPE\i386\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[19 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4449 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2013.12.01 12:39:33 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe
[2013.12.06 16:33:37 | 332,021,496 | ---- | M] (Microsoft Corporation) -- C:\WSSP1.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.08 18:07:32 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Adobe
[2010.01.18 09:46:45 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\AdobeUM
[2013.10.29 16:33:51 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Apple Computer
[2013.02.14 17:08:22 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\ArcSoft
[2013.10.13 22:44:37 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Canon
[2013.11.17 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Datel
[2012.01.26 19:01:20 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\DVDFab
[2013.11.03 18:53:09 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\GruntMods
[2013.12.17 13:27:46 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\HD Tune Pro
[2011.12.12 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\ImgBurn
[2013.02.13 19:33:33 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\InstallShield
[2011.01.11 19:05:01 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Macromedia
[2013.11.29 18:40:11 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Media Center Programs
[2013.11.27 14:49:27 | 000,000,000 | --SD | M] -- C:\Users\Thomaz\AppData\Roaming\Microsoft
[2010.02.01 17:56:41 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Mozilla
[2012.11.09 12:30:45 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Nero
[2013.11.21 13:42:47 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\PowerISO
[2012.10.07 12:02:52 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TuneUp Software
[2013.11.19 18:08:05 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack
[2013.11.19 18:08:06 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\TweakNow PowerPack 2012
[2013.11.20 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Ulozto File Manager
[2013.12.03 20:35:28 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\uTorrent
[2013.12.13 22:30:15 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\vlc
[2013.12.10 17:09:11 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Vso
[2010.12.16 20:59:40 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\WinAVI
[2010.02.01 13:15:32 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\WinRAR
[2010.12.27 14:04:07 | 000,000,000 | ---D | M] -- C:\Users\Thomaz\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2013.11.27 12:52:55 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2013.05.01 19:15:12 | 000,010,134 | R--- | M] () -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2013.12.08 20:56:02 | 000,370,070 | R--- | M] () -- C:\Users\Thomaz\AppData\Roaming\Microsoft\Installer\{DDEBB7D6-671C-468D-98EB-EF9F1A1BC524}\RTWin7Lite.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2013.12.01 12:39:33 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe
[2013.12.06 16:33:37 | 332,021,496 | ---- | M] (Microsoft Corporation) -- C:\WSSP1.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"A9476D6375887E276D5141E740DED5D734FD79AE._service_run" = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service -- [2013.11.14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
"Facebook Update" = "C:\Users\Thomaz\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.12.08 17:32:13 | 000,138,096 | ---- | M] (Facebook Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.18 14:31:47 | 000,000,512 | ---- | M] () MD5=A5ADF6A5843E5BFEAA50024E99D10BB9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013.11.05 20:50:08 | 000,001,197 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2013.11.18 09:36:22 | 000,001,371 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjackcommon.30e8e1c899235111d3b1b84c91bce0ae.inf
[2013.11.18 09:36:22 | 000,013,434 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjackcommon.b4fc0002a0c341b1251a31ea5012f803.inf
[2013.10.04 05:33:16 | 000,002,967 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\flashlobby\lobby\safecrackerkeno.swf
[2013.10.04 05:33:26 | 000,012,201 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\flashlobby\lobby\safecrackerkeno_popup.swf
[2013.11.05 20:50:08 | 000,001,197 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2013.11.18 09:36:22 | 000,001,371 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjackcommon.30e8e1c899235111d3b1b84c91bce0ae.inf
[2013.11.18 09:36:22 | 000,013,434 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjackcommon.b4fc0002a0c341b1251a31ea5012f803.inf
< *keygen* /s >
[2012.12.05 01:11:22 | 000,391,168 | ---- | M] () -- \Program Files (x86)\WinHex\keygen.exe
[2009.12.15 09:55:18 | 000,104,960 | ---- | M] () -- \Users\Pepa.Thomaz-PC\Desktop\WinRAR.v3.92.b.(x32.x64)\WinRAR.v3.92.b.(x32.x64)\CORE.keygen.exe
< *AntiWPA* /s >
< *loader* /s >
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2006.10.26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2013.09.25 08:03:42 | 000,048,315 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Cashier\WebDialog\cashier_loader.mng
[2013.09.25 08:03:42 | 000,015,895 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2008.07.23 22:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_INTEL_1.adl
[2008.07.23 22:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_SAMSUNG_1.adl
[2008.07.23 22:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_INTEL_2.adl
[2008.07.23 22:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_SAMSUNG_2.adl
[2010.01.23 14:44:40 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2009.04.30 07:00:40 | 000,000,073 | ---- | M] () -- \Program Files\XB360 Modder v4.0\Hex Editor Neo\downloader.cdm
[2009.05.09 15:30:50 | 000,124,928 | ---- | M] () -- \Program Files\XB360 Modder v4.0\Hex Editor Neo\downloader.dll
[2013.11.05 21:06:00 | 000,024,610 | ---- | M] () -- \ProgramData\MGS\cache\a\aupreloader.12b4c77f15053633e8070474855c45b2.swf
[2013.11.05 21:06:01 | 000,127,492 | ---- | M] () -- \ProgramData\MGS\cache\a\auroraloader.61bc4d82efbf020b4dc53d7c5331d8c0.swf
[2013.11.05 20:50:28 | 000,021,364 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013.11.05 20:50:27 | 000,003,916 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013.11.05 20:50:24 | 000,000,734 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2013.11.05 20:53:12 | 000,000,305 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.6216dae748b24fc9c595db78b2b0c194.inf
[2013.11.05 20:50:24 | 000,004,554 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013.11.18 09:42:38 | 000,004,068 | ---- | M] () -- \ProgramData\MGS\cache\p\preloader.6d267f7d78e1549ee7a60bd8c1549174.swf
[2013.11.18 09:42:38 | 000,004,019 | ---- | M] () -- \ProgramData\MGS\cache\r\rubyloader.e70f8c2c44881a6d79aad738ad5297bc.swf
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2005.03.24 18:43:52 | 000,275,968 | ---- | M] () -- \Programs\i386\osloader.exe
[2013.11.12 21:06:32 | 000,001,348 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\Crypto_Preloader.swf
[2013.11.12 21:06:35 | 000,001,348 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\bejeweled\Preloader.swf
[2013.11.16 11:47:45 | 000,010,375 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\funnymoney\preloader.swf
[2013.11.16 12:00:33 | 000,203,307 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\genesplice\Preloader.swf
[2013.11.17 19:22:59 | 000,205,876 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\hawaiianmadness\preloader.swf
[2013.11.12 21:15:44 | 000,001,770 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\chainreactors\Preloader.xml
[2013.11.12 22:04:41 | 000,285,533 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\manchesterunited\preloader.swf
[2013.11.12 21:55:06 | 000,330,445 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\roadhogs\preloader.swf
[2013.11.12 22:24:18 | 000,001,665 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\supercubes\Preloader.xml
[2013.11.12 22:06:58 | 000,120,616 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\thatsmagic\preloader.swf
[2013.11.17 18:41:09 | 000,140,136 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Language\en_US\images\fcgames\partygames\slots\valkyrie\Preloader.swf
[2013.03.21 09:46:44 | 000,035,024 | ---- | M] () -- \Programs\PartyGaming\PartyCasino\Uninstall\Preloader.jpg
[2013.10.13 00:34:35 | 000,007,277 | ---- | M] () -- \Programs\PartyGaming\SmartUpgrader\Preloader.jpg
[2013.10.13 00:34:36 | 000,004,416 | ---- | M] () -- \Programs\PartyGaming\SmartUpgrader\PreloaderIEImage.JPG
[2013.11.05 21:06:00 | 000,024,610 | ---- | M] () -- \Users\All Users\MGS\cache\a\aupreloader.12b4c77f15053633e8070474855c45b2.swf
[2013.11.05 21:06:01 | 000,127,492 | ---- | M] () -- \Users\All Users\MGS\cache\a\auroraloader.61bc4d82efbf020b4dc53d7c5331d8c0.swf
[2013.11.05 20:50:28 | 000,021,364 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013.11.05 20:50:27 | 000,003,916 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013.11.05 20:50:24 | 000,000,734 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2013.11.05 20:53:12 | 000,000,305 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.6216dae748b24fc9c595db78b2b0c194.inf
[2013.11.05 20:50:24 | 000,004,554 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013.11.18 09:42:38 | 000,004,068 | ---- | M] () -- \Users\All Users\MGS\cache\p\preloader.6d267f7d78e1549ee7a60bd8c1549174.swf
[2013.11.18 09:42:38 | 000,004,019 | ---- | M] () -- \Users\All Users\MGS\cache\r\rubyloader.e70f8c2c44881a6d79aad738ad5297bc.swf
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.08.12 21:52:33 | 000,000,723 | ---- | M] () -- \Users\Pavla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Q5ZXWF0\downloaderror[1].js
[2013.08.12 21:52:33 | 000,001,174 | ---- | M] () -- \Users\Pavla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5OTN626\downloader[1].js
[2013.12.08 20:01:37 | 000,017,421 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\DMLOADER.DL_
[2013.12.08 20:02:39 | 000,115,367 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\OSLOADER.EX_
[2013.12.08 20:02:39 | 000,133,029 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\OSLOADER.NT_
[2013.12.18 14:35:22 | 000,000,412 | ---- | M] () -- \Users\Thomaz\AppData\Roaming\Microsoft\Windows\Recent\JetDownloaderSetup.zip.lnk
[2013.12.18 14:37:36 | 000,000,627 | ---- | M] () -- \Users\Thomaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetDownloader\JetDownloader.lnk
[2013.12.18 14:37:34 | 000,000,627 | ---- | M] () -- \Users\Thomaz\Desktop\JetDownloader.lnk
[2010.12.03 16:40:54 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.11.18 19:32:31 | 000,107,706 | ---- | M] () -- \Windows\Prefetch\GPDOWNLOADER.EXE-7C1F5765.pf
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2007.08.07 13:04:24 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2007.08.07 13:04:24 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.12.16 12:30:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.12.16 12:30:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.12.16 12:30:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.12.16 12:30:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.12.16 12:30:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
[2012.09.19 12:08:56 | 000,318,304 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\ProgramDeactivator.exe
[2012.09.19 12:10:58 | 000,112,992 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe
[2009.09.25 14:00:00 | 000,003,006 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\deinstallation_programDeactivator_40x40.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_16.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_24x24.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_32.png
[2009.09.25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_64.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel2\iconProgramDeactivator.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel6\ProgramDeactivator_16x16.png
[2013.11.18 20:19:37 | 000,002,465 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
[2013.11.18 20:19:37 | 000,002,465 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
< *serial* /s >
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \pebuilder\BartPE\i386\system32\drivers\serial.sys
[2011.11.13 20:55:50 | 000,004,232 | ---- | M] () -- \Program Files (x86)\LinuxLive USB Creator\tools\syslinux-modules\v3\serialinfo.c32
[2011.11.13 20:55:56 | 000,004,624 | ---- | M] () -- \Program Files (x86)\LinuxLive USB Creator\tools\syslinux-modules\v4\serialinfo.c32
[2013.05.13 14:14:36 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.08.08 19:09:18 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2005.10.28 15:29:20 | 000,000,592 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\EnumerateSerialPorts.snippet
[2005.10.28 15:29:20 | 000,001,178 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\ReadDatafromaSerialPort.snippet
[2005.10.28 15:29:20 | 000,001,492 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2008.07.23 23:29:16 | 000,001,581 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\JAF COM Driver\vserial.inf
[2008.07.23 23:29:16 | 000,047,744 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\JAF COM Driver\vserial.sys
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.07.01 17:53:34 | 000,010,926 | ---- | M] () -- \Program Files\Activ Software\Activdriver\activserial\XP\activserial.cat
[2008.06.16 14:39:52 | 000,005,635 | ---- | M] () -- \Program Files\Activ Software\Activdriver\activserial\XP\activserial.inf
[2013.05.13 16:04:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.08.08 19:09:46 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2005.03.24 18:04:58 | 000,029,353 | ---- | M] () -- \Programs\i386\serial.sy_
[2005.03.24 18:05:00 | 000,007,373 | ---- | M] () -- \Programs\i386\serialui.dl_
[2005.03.24 18:42:04 | 000,131,072 | ---- | M] () -- \Programs\i386\system.runtime.serialization.formatters.soap.dll
[2013.12.08 20:01:38 | 000,024,957 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\DPSERIAL.DL_
[2013.12.08 20:02:49 | 000,030,259 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\SERIAL.SY_
[2013.12.08 20:02:49 | 000,006,549 | ---- | M] () -- \Users\Thomaz\AppData\Local\Temp\~wintoflash~source~temp~76931715701831045230\I386\SERIALUI.DL_
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.02 17:36:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.02 17:37:13 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.10.02 17:51:12 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.02 17:51:51 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.10.12 10:42:24 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013.10.02 17:40:02 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.03 16:32:05 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.10.15 16:36:30 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013.10.03 16:39:59 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.10.04 15:56:00 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.04 15:59:27 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2011.06.29 02:12:44 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.10.09 12:26:09 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.29 02:12:44 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.10.09 12:26:08 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.09 12:26:13 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.09.23 07:56:56 | 000,008,007 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.xml
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2008.07.01 17:53:34 | 000,010,926 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_amd64_neutral_8ba58701de4bf7d6\activserial.cat
[2008.06.16 14:39:52 | 000,005,635 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_amd64_neutral_8ba58701de4bf7d6\activserial.inf
[2011.01.11 19:03:43 | 000,013,988 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_amd64_neutral_8ba58701de4bf7d6\activserial.PNF
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2008.07.23 23:29:16 | 000,001,581 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\vserial.inf_amd64_neutral_7d751c0cbdcc2b7a\vserial.inf
[2013.12.16 10:13:23 | 000,006,356 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\vserial.inf_amd64_neutral_7d751c0cbdcc2b7a\vserial.PNF
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.12.16 12:29:48 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.12.16 12:29:48 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 6104 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
< End of report >
Re: Kontrola logu
První je log Extras a druhý a třetí je log OTL. Prosím tedy o zkontrolování a další postup
Re: Kontrola logu
Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce8.2. pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?