Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

kontrola logu

#1 Příspěvek od juraj228899 »

ComboFix 15-01-27.01 - HeCToR . 01. 2015 1:19.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.4095.1511 [GMT 1:00]
Running from: c:\users\HeCToR\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\STFB6B9.tmp
.
.
((((((((((((((((((((((((( Files Created from 2014-12-27 to 2015-01-27 )))))))))))))))))))))))))))))))
.
.
2015-01-27 00:24 . 2015-01-27 00:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-27 00:24 . 2015-01-27 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-26 23:58 . 2015-01-26 23:58 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-26 23:58 . 2015-01-26 23:58 -------- d-----w- c:\programdata\RogueKiller
2015-01-26 23:41 . 2015-01-26 23:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2015-01-26 23:22 . 2015-01-26 23:22 -------- d-----w- c:\users\HeCToR\AppData\Roaming\SUPERAntiSpyware.com
2015-01-26 23:22 . 2015-01-26 23:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-01-26 23:22 . 2015-01-26 23:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-01-26 22:37 . 2015-01-26 22:37 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9379D31-E40C-438E-8BBC-5B07FDA200B6}\offreg.dll
2015-01-21 17:05 . 2014-12-13 00:11 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-01-21 17:05 . 2014-12-13 00:11 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-01-21 17:04 . 2015-01-21 17:04 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2015-01-21 17:04 . 2014-12-13 00:47 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-01-21 17:03 . 2014-12-13 08:03 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-01-21 16:49 . 2014-12-12 23:11 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2015-01-02 16:32 . 2015-01-02 16:32 -------- d-----w- c:\program files\EA SPORTS
2015-01-01 15:43 . 2015-01-03 21:16 -------- d-----w- c:\program files (x86)\EA SPORTS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-26 01:23 . 2010-07-26 21:31 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-01-26 01:23 . 2010-07-26 19:43 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-01-25 21:31 . 2010-07-26 19:43 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-01-25 21:20 . 2012-10-25 07:50 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-25 21:20 . 2011-05-18 14:49 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-13 10:08 . 2013-12-14 19:08 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-12-13 10:08 . 2013-12-14 19:08 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-12-13 10:08 . 2013-12-14 19:06 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-13 10:08 . 2013-12-14 19:06 2897824 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-12-13 08:03 . 2013-12-14 19:08 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2013-12-14 19:08 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2013-12-14 19:08 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2013-12-14 19:08 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2013-12-14 19:08 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 00:11 . 2013-12-14 19:10 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:11 . 2013-12-14 19:10 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-22 15:41 . 2014-10-25 13:51 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-22 10:46 . 2013-10-30 15:05 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-01 12:28 . 2014-10-25 13:51 83280 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2011-09-16 14:12 . 2014-03-14 17:45 3623592 ----a-w- c:\program files (x86)\Common Files\ApnToolbarInstaller.exe
2011-09-16 14:12 . 2014-03-14 17:45 143240 ----a-w- c:\program files (x86)\Common Files\ApnStub.exe
2010-01-26 09:11 . 2014-03-14 17:49 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files (x86)\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-12-15 7780120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-01 5223016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"jswtrayutil"="c:\program files (x86)\TP-LINK\QSS\jswtrayutil.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Kone"="c:\program files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE"
"hpqSRMon"=c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 cleanhlp;cleanhlp;c:\eek\bin\cleanhlp64.sys;c:\eek\bin\cleanhlp64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys;c:\windows\SYSNATIVE\DRIVERS\jswpslwfx.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 jswpbapi;JumpStart Push-Button Service;c:\program files (x86)\TP-LINK\QSS\jswpbapi.exe;c:\program files (x86)\TP-LINK\QSS\jswpbapi.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys;c:\windows\SYSNATIVE\drivers\Kone.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys;c:\windows\SYSNATIVE\drivers\CM10864.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - SASDIFSV
*NewlyCreated* - SASKUTIL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-24 22:36 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-25 21:20]
.
2015-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02 22:11]
.
2015-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02 22:11]
.
2015-01-26 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 10fb802b-9913-4c0d-9a54-33107ba969e3.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-01-26 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 753a0dfa-182f-4240-9a09-a27f1271da22.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-10-25 13:51 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2009-12-08 8146944]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-{A3456A29-3ECD-106E-1191-6B366BA3503A} - c:\progra~3\INSTAL~2\{0CBEE~1\Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,bd,d4,2b,23,15,aa,35,e3,73,96,e4,12,a7,58,8b,9a,5f,ee,66,13,5c,21,
58,e3,f4,f7,34,58,d2,de,24,a9,54,89,ae,b8,4a,8a,41,ac,af,c2,48,43,56,57,7f,\
"??"=hex:4e,02,df,0a,33,e6,b7,3b,b7,5c,8f,41,3a,52,72,8b
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SecuROM\License information*]
"datasecu"=hex:cc,b1,12,77,3a,0e,5e,95,be,46,ff,dc,9e,dc,c3,c9,a0,e8,f7,0e,9e,
a7,c4,68,02,4f,fa,5d,fd,5f,dc,be,ad,70,86,16,4f,3d,75,f1,fb,92,c4,6d,c8,8b,\
"rkeysecu"=hex:35,1e,83,e7,38,3c,fb,4e,d2,3d,cc,9a,ed,31,5b,f1
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,bd,d4,2b,23,15,aa,35,e3,73,96,e4,12,a7,58,8b,9a,5f,ee,66,13,5c,21,
58,e3,f4,f7,34,58,d2,de,24,a9,54,89,ae,b8,4a,8a,41,ac,af,c2,48,43,56,57,7f,\
"??"=hex:4e,02,df,0a,33,e6,b7,3b,b7,5c,8f,41,3a,52,72,8b
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\Software\SecuROM\License information*]
"datasecu"=hex:cc,b1,12,77,3a,0e,5e,95,be,46,ff,dc,9e,dc,c3,c9,a0,e8,f7,0e,9e,
a7,c4,68,02,4f,fa,5d,fd,5f,dc,be,ad,70,86,16,4f,3d,75,f1,fb,92,c4,6d,c8,8b,\
"rkeysecu"=hex:35,1e,83,e7,38,3c,fb,4e,d2,3d,cc,9a,ed,31,5b,f1
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-01-27 01:26:48
ComboFix-quarantined-files.txt 2015-01-27 00:26
.
Pre-Run: 221 303 136 256 bytes free
Post-Run: 221 241 131 008 bytes free
.
- - End Of File - - 3A76B9EBFB3F8E54C98B452980F51E90
A36C5E4F47E84449FF07ED3517B43A31
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: kontrola logu

#2 Příspěvek od altrok »

Zdravim :bye:

:arrow: Ulozte na plochu OTL http://oldtimer.geekstogo.com/OTL.exe
  • kliknete pravym na ikonu OTL a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • zatrhnete moznosti Pro vsechny uzivatele, Kontrola na havet "LOP", Kontrola na havěť "Purity"
  • do okna dole (Custom Scans/Fixes) zkopirujte script, ktery je nize
  • zbytek ponechte, jak je a kliknete na Prohledat
  • vysledne logy (OTL.txt a Extras.txt) budou dlouhe, takze je rozdelte do vice prispevku (odpovedi)

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

Re: kontrola logu

#3 Příspěvek od juraj228899 »

OTL Extras logfile created on: 28. 1. 2015 0:12:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HeCToR\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 67,62% Memory free
8,00 Gb Paging File | 6,65 Gb Available in Paging File | 83,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273,34 Gb Total Space | 205,60 Gb Free Space | 75,22% Space Free | Partition Type: NTFS
Drive D: | 322,73 Gb Total Space | 280,20 Gb Free Space | 86,82% Space Free | Partition Type: NTFS

Computer Name: HECTOR-PC | User Name: HeCToR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EFF3FE-F352-405D-BD2D-3C72C033D25C}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{0A0C38F6-AE22-4B5B-A889-382B2FC43C04}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0E5CD1C5-0990-425B-9398-98902B49D461}" = rport=137 | protocol=17 | dir=out | app=system |
"{15F42248-AE1D-4086-BF05-2A09949D1312}" = lport=137 | protocol=17 | dir=in | app=system |
"{17934463-039C-40DD-AE7B-938BCB783445}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{286C2DDF-F96B-4B1C-82E4-8521ACFC88EF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2B20D5AC-BD9B-4F54-B671-48C8292CE8E5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2EF2B008-78B6-4950-88D7-52491CE725A4}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2FEB8E70-3185-43AD-83BA-78AC2A1DD847}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{326B5AC1-76BD-4368-BB49-279E6857E6FA}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3A3F75B9-ACC0-4FC8-9DE7-666145F69CC0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43F89C78-3868-4F76-AF6B-B628C203E32E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44186CD4-9F02-4027-BADF-837B86029CF5}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{480A903E-711A-4585-B79B-6CDD7F4B5970}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{484DE3F2-4CF0-461C-8E7E-133837F1B57C}" = lport=138 | protocol=17 | dir=in | app=system |
"{523DE007-A9A5-4035-AA38-0B56DB4865DC}" = rport=139 | protocol=6 | dir=out | app=system |
"{5BE9B27D-A56C-42FA-9B58-9DC2FE3D5FC9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5F13C0D6-BE59-45FE-9CE4-885945FA001B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6963F6D6-6370-4E08-AF31-8EEBACE93447}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6A02569E-3CB1-4303-8FF8-993AEB044BD5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6DAE2EA5-AE71-4FB9-9DCB-6C6238356600}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6E7E1B0D-8018-4C7C-AC21-6226D82B2F27}" = rport=10243 | protocol=6 | dir=out | app=system |
"{701DC2AC-32C8-4D25-BEFE-0042BFAE4CCE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{7132A7BC-44B4-4AA0-AD48-B625C7735B06}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{728F6A0E-13B6-498E-9687-7EA8FE664F81}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{73BBE352-7E77-43A9-AC96-6B018709A77E}" = lport=445 | protocol=6 | dir=in | app=system |
"{78424208-BA02-41D0-BA27-B3222346CBC4}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7BA60DE7-59B2-42F4-B3E5-857FDCBDB68D}" = lport=139 | protocol=6 | dir=in | app=system |
"{89583BD4-5283-4565-BD76-022821ECD7FA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8ABB0907-5107-42D7-8A40-AF2194A30FA1}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8F957970-CEC8-46BC-83EE-FE7AD225A1ED}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{91992850-589E-44D4-B83C-6E22A3EE6F62}" = rport=445 | protocol=6 | dir=out | app=system |
"{98CAB6C1-15CB-4BDE-966E-F09871CF8C90}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9ADCE1C4-F5B6-4694-8BCE-86974E14A117}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A090D0A9-D9ED-49F3-8CD8-9E59DCAB7372}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A53D7A58-6A68-4784-85CC-930887A27477}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A804F737-0394-42D0-AA6E-E977863EF503}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{AA4BF829-B0E9-4A12-96CF-7E94E16DA26B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B16C7550-F505-427B-A6B6-D550E8CCBAA6}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B56C3085-7CCC-42BB-9192-6ABC9A5DA6C5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B96AC20A-DD2A-407D-A22F-9D24D6F42A2F}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{BE97B18D-054A-4499-9E23-D931DED6094A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=zdieľanie súborov a tlačiarní (služba zaraďovača – rpc-epmap) |
"{C031219F-9288-47C7-BA57-16A267254702}" = rport=138 | protocol=17 | dir=out | app=system |
"{C1386430-6040-4730-AE61-C8B9CEB28540}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CD996FE5-1652-4ADC-8723-3963F4CABAC7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0B2D43E-675E-4BCD-BFA7-C6FD8D055DF6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EF89BF71-B052-4BC1-A106-83E8CE7EC6CF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F3879E73-FF25-4C67-AC6A-EB5C9F5D2CDF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FCA6CBF6-1B07-4A07-8C29-A9A3EADC5D75}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B1784E-5049-4196-AFD7-F3D18F2BBF72}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{032980EB-1F3D-4E5B-B802-5B2E865CEC41}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\bin\steamwebhelper.exe |
"{048EE993-9DCD-45D1-BB5B-092397F466FE}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{06AD8868-01F6-42BB-B5B4-58A843A42C7C}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{0AAEB4B2-46B4-42B7-BDA1-F242D5C937EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0AD3E103-6A94-4627-8B51-F40B4DF2A0F0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B38BB59-BC23-4B60-8A52-3D28A8D300BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0C4BE4FD-3487-4B6A-B749-EC7D45E60AF3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0E04EA36-30B7-4911-BD39-BE81362A0323}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10239C74-342C-4994-9F50-54090309B550}" = protocol=6 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{108F09A7-5F40-4C3A-A045-A3DAB9F4B66D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10A15F34-DF6A-4622-8B8B-67FD8F398142}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10C06460-4326-4D5D-B368-15F2BFCCBA1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1123DA4F-91AA-407C-A658-83AE2A3B6DAA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{124182C1-6B41-4923-BBB8-C4AD12C61094}" = protocol=1 | dir=in | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv4 - prichádzajúce prenosy) |
"{1283CF04-D22B-40F8-A502-C77010475A02}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1685821D-7F8B-4DC2-90AD-DB7C44E4E433}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1925302F-A64A-4645-98F3-76B992350922}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{19337FC2-F843-4D8A-832F-B04D79218282}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{19D11AD5-FB75-44A4-B160-821680656F31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1A334A68-DCB3-4EC9-B870-03D9D7E3C14F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1B42ED01-82DC-4584-9459-801EF75A9648}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1BFD1ABC-5976-4154-9C72-57CED88C90B1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1E5080B7-6D55-4828-A77A-EB93C42FA30F}" = protocol=58 | dir=out | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv6 - odchádzajúce prenosy) |
"{25CDC8CA-D123-4824-A507-A135D4BE5FB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2689F330-D12D-4C4C-ACC3-EE3ADC3D5B09}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28FD2DAE-54C0-40FA-BC6C-38D7B9329F38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{290A0513-29C4-47F4-8275-1C0BA131DCE1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{293A0DDF-C136-46A9-90B7-6C34688B6C90}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A858801-657E-438E-99B1-77EE7BF2C63B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B2E49D3-7C95-4F3C-9E73-D24734AE372A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{303FC95A-6DC0-4E82-93F5-8C5B954C4DEC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3075C5C6-70FA-411E-BF2E-1E3D352EB4D7}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{30846296-A438-454E-B35F-C3EF5BB3ABEF}" = protocol=17 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{31599C8E-C94D-4CA2-B9E5-4D0F4D263AB8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{334AC3B0-7661-417C-8A95-E5BA368B7C46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{364A80F8-5B50-4EEC-9BC6-769AEFAE2AC1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{372E71A4-DB76-4EC9-9FE4-CB1828B309DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{37F8CDA5-97CE-4E6D-A04F-BCC2C54B58DD}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{3D3064B2-43AF-4513-952E-EF9AE031855C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3E27922B-336C-4E40-8786-2BFE3C6C7214}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{42495CC1-54AE-423D-A5E9-DA3897227854}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43F4B9EB-27B3-40A6-80E3-798CE60096D1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{452821A3-4905-46C0-8A1B-FB3B0E5B5F53}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{4646644F-0028-4158-990C-E6F31924FE9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4666E391-B16E-4DF2-8023-4F3BDE0BD06F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{49157683-6207-48CB-9A55-F436A0764895}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{49EF1973-940D-4E17-AE30-57194E36E633}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4BA4FAE2-90B5-4774-A32B-A250299FFBAA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{4C10C3A0-1FD6-47AA-8AF7-7998E47F11B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C843E77-1895-42B2-94AF-86EBB00186BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4CD28F21-9DD3-45E6-A969-C7808B46D781}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E327552-7F08-4A87-8B3E-E0FCFC91370C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
Nahoru
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

Re: kontrola logu

#4 Příspěvek od juraj228899 »

"{4F3800C7-AC31-4B97-994A-2E6E9577F43B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{502F5BF9-7BE5-4944-AF64-AF7EADDDB9FA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5214A16C-21B5-417E-BB42-E0B2350339A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{53021F11-784B-4BDA-B239-586596827A28}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{54F7E7D5-4F9C-43B3-A082-544B74F708F0}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{5909DDA8-7E81-4798-8DF9-F0C9CDFF7687}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5C6AEFF6-EEA5-478C-811E-FE3ABA02D997}" = protocol=1 | dir=in | name=hlsw icmp |
"{601EC8BC-5C1D-4A6D-9027-D6C5047CE5FC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{61A6A9B5-A20F-4E6F-8CB7-476DDD9B5102}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{635444D9-BDAD-40FB-9D8C-0EDF3FFFCB98}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{636A624D-7F50-42A6-8DEC-FC2E06D9F0B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64173DB1-D7CD-4D74-98E0-D16D918A0D52}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{647E327E-D668-49DA-B5B7-84F253616388}" = protocol=58 | dir=in | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv6 - prichádzajúce prenosy) |
"{64F89BDA-529A-4B5D-8FE1-5DD69E4F8ED4}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{650A5288-96C8-4B4F-8015-84EA4997E6E1}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{6783DB96-E57B-4460-B65D-7F6A0A1A3B48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67C1CFFD-B4B2-41EA-BD89-370F135A404D}" = protocol=17 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{6A54862E-E08E-444E-B6FC-778BF5F0F3D2}" = protocol=1 | dir=out | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv4 - odchádzajúce prenosy) |
"{6AA62B94-5971-4B4E-B5E4-3A38C372D4CE}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{6B0E7992-5054-4EA2-9757-032135F18D9B}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{6D5ACA6A-365A-45AB-9AD8-5961167E22A8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7206B377-760E-46FD-9E18-3282A80CA753}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7236C5EF-4ABD-4BD3-8A53-A035C0522392}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{7237E877-F32B-4762-BB02-EA39594E3B79}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7254D613-2A13-4DEB-BAB0-2861FF5CC3B6}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\bin\steamwebhelper.exe |
"{74158C12-C669-4FBC-962C-4156FB539B2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{765F0326-BE77-4660-9A76-B0EDBF9E2F5A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{7688C582-E7D2-4B5B-90EA-26A0477EF64C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{77DECB87-E948-489A-B88F-520069310FBE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{79464835-5A70-4D11-8B14-18968A8B94CF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{79B4B8F1-B535-41EF-B088-EFFF0F679094}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7A52FBA7-C699-4B34-A3D1-52BFACB2B4BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7D02AEF8-16CB-4B0E-B05E-4F3CBCBC7FC5}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{7ED90239-59FA-4F1E-8D6B-9CEB4A5AB193}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7FB4DD67-1994-4B1F-820D-218030E89D0C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{866766B2-9217-4438-A578-012BF03D489B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{87730556-7979-4CF3-AC26-6DE8650EAC3B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{8796FDE8-C025-4568-B2D2-28103FD338B2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{895F92EF-DDC9-4CF1-8A0B-6C2558853FA2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{901591C8-9D88-4771-A738-FD990E86CF29}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{916018DE-2A39-4DE7-A3C7-F373034E6809}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{948FDDE2-BC05-4636-8851-A74A259D53A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{94B0F6BA-91AB-4024-83B1-1CAB86B8B200}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{9845F55E-5273-45FA-A9B8-CFF15447809A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{996C5876-0728-43E5-8533-2A5E2C850072}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{998D3871-65DD-4FA2-B3E6-909D0D768192}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A8DAD25-0252-49E7-8157-60AE9A4DB745}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{9C035D89-13E9-43B7-B2AE-3F1976CFC63C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{9D1BFB6A-4D49-4C1E-9027-9F538FBA480A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9E21008F-4DE1-4D2E-8CB3-536D7D08E353}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{A29545CA-2DF3-40D4-A1F1-55627338D4E6}" = dir=in | app=d:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"{A39ED8E2-AECC-46BD-8A56-7A63F3AC1885}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A6B84B2A-DDC6-4676-A840-313A5F42E35D}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{A7840372-50B4-4A56-BDA1-FD8DC8E8EB34}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8A2E48F-8488-4CEE-8E56-BAAE4DD5C1BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ABF80058-F902-4D32-9F01-A3D83BB8D688}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{AC5500E6-3ACE-4F33-821B-0C237CD6DE61}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AD702EAD-A6B4-4E5E-9116-1343662AF8A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADB61BBC-2CDC-45A9-B414-5F35A1CF86B7}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{ADDF94CE-5D22-42F4-B273-8E4CFF5F247E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AFE7DF34-B72F-429B-8828-07621D2DBA7E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{B23A708B-B9E7-439B-A021-3F0B154016D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B27CE49A-3EAA-4610-B0CB-69C083C655EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B344BD2D-9D9A-44C1-87CF-E008125D7112}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B37069FF-0E83-4297-8ECD-F855957E914F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B4523001-B7AE-492B-B3AA-B1F6E2CC28F7}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{B72E0CE8-E631-4858-9D63-48A01F06D98A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BBC577A2-730B-46FA-B3BC-03E65893B843}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC61B0E3-3A4D-4A2F-87C2-F54C5FF8BCA9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BD614B7E-4DA1-4641-820C-823023A4A489}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{BDF40FD9-90A4-4CED-9A6D-65A1772A7E0D}" = protocol=6 | dir=out | app=system |
"{C1CC25FA-147D-4099-967A-ADC99CCFD808}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C240637D-5520-4258-9F06-221D3F793FF8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C2B9BD4A-DAE5-48AC-A244-9FF7F02F2884}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{C323CCD0-8698-408D-81B3-A44C91CF34ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C48EADDF-554A-4EBA-ADD0-274AE278063C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C5CC0FC6-A4F4-4985-8029-0CF6E78F2CFF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C6128B6E-442D-4251-A536-01BB35C38BCE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{C9C43506-EE61-4CC5-96A0-F3EF79FB1982}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA66718F-34EC-408A-9B05-530F6A339616}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CAA8A904-C7FE-4C5E-84A9-941044247A29}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CDAD7783-0EA2-43CB-AEDA-7C95635AFA0A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CDBE97AE-6D05-4ED9-B750-56B751B8F258}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE1464A2-4AEB-49B5-BB33-7F142C485736}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{D07045C7-67CD-4E33-A1CB-276A711B6B71}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D09D4013-84E8-4E80-9D8D-34F3CEA21957}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{D10BCF07-23B0-4B44-A27E-60A3280777E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D1BCAD04-5C91-4CF1-B5D1-12C78801614F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2AB7B1B-0A22-4869-8174-F49AE7F35BBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3162736-1B24-4E30-B3F4-4D95CF9FAB16}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3C9DF15-10BA-4BE8-90DF-35084D4E9AD9}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{D580329E-073E-403F-B146-267FFF993143}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D5929045-96E6-4E97-905D-054601E7EC8C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8754D21-15FA-4FB4-86C9-831247AE8CF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB54EED5-06FC-4713-8B98-49A13C3C3719}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{DCF3D4AD-1E54-46B2-A134-D7DC45195361}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DE2FFAAD-3FC3-4D3B-A6E6-57BA823025C3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E1BB10AD-8D18-4C32-9791-6D5ECD96858B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{E3D778BC-374A-4527-8D94-4E0627F3E31B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5D31F14-48A8-452E-B6B1-D3B0CBB4E745}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E65421E4-DA45-47D6-8FC5-887761254AF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E75FEEBA-6D97-453E-896B-C2F63510AE8D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB19AD90-4A78-4EE9-87AA-BA00A1FDA5E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB8E99A7-FE73-43B2-9BA9-7D37293A1089}" = protocol=6 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{EBB22D4A-4E9F-4AB9-A9E6-0E48465381A1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EF66A196-381A-48EC-859E-9F4392BF4476}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{EFFBB69A-21F4-4420-8600-0A2BE376A8B9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F0E9F919-AAC9-4CFF-86B3-782D8AA9309B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F1110064-4D1E-4AB3-88B3-D10E2C1F05AC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F1ADF0B5-2657-469C-91C5-10DDF03A061C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F424301F-CC13-4F59-96CD-8C199F4DD1D4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F448613C-6048-4125-8110-1830B8302F91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F4513329-0269-47E7-93C2-2D8FF53B2D90}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{F490C467-1D9E-4273-AC03-41F5CEE8A4C7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F579334B-6139-46DC-93C6-CB0FDD13041E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F57F970A-AFB2-488D-817C-4844654F1B78}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F70DC48F-243A-41D8-AC8D-B97907BBE4B4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F71388D3-6A72-41E0-8705-41350FAF32BC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F791BB53-5BF3-4ED8-B10D-C6A6BBF06131}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7E6D5F2-530F-4B40-8C93-20C5DBA1798F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F8951B56-6A48-4770-B4B7-6EB220C14170}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{FAC14280-AA9A-499F-8032-40C6E388DAB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FB9461F7-51F1-4EF1-B29D-1210B1961F74}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{FD567EA0-CBF7-4B37-991B-01C0EF2FAAB0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEC7BF18-FE0B-471E-B7DA-40979596EAE6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{FEC89DC9-68B5-4269-A285-173DBA9AE2D7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{1463F53A-A62B-456C-AB7E-7A4A5A281C8E}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=6 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"TCP Query User{180D656B-B6A5-46B7-B599-7402C55FD920}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{465750E6-5CAF-4429-B315-E6758B9BDBC0}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{4B26CFDF-7604-45F6-9F16-640F2BA72FFB}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{80356DEA-0455-4E1B-A21D-AB275C6223D6}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=6 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"TCP Query User{B1FDA88B-2E1E-4835-9E47-C971DDCB4AF3}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B52412C6-211C-48D5-B559-31B8A8B3118F}D:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe |
"TCP Query User{C3DF136E-9783-4F51-9235-612ABD11D3CB}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{E9BFC619-937F-40A1-BBFA-E73C04224B87}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{EFDEFE41-E955-49E1-8EA7-86D2CD83B3AA}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{35E6EF0E-51C0-4590-9962-96227EE24937}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{41723BA1-FF79-48A0-8B4D-3A10F6D535E5}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{471D440B-F3C5-4B6B-B158-818123E2505B}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{491B0846-D4C3-43F8-A68C-179501686B8B}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=17 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"UDP Query User{5D88DEE0-995E-4963-93C8-D48756AF4585}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{67C077CD-40B0-4682-8AF7-251493E321FC}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{926F4F03-AAB9-4B14-A4C6-2371AF9CC359}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{C019B0EE-8E53-4D11-8146-EB1FFFE5F038}D:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe |
"UDP Query User{DA80D72D-BAE3-4E4B-8D44-A4013F2DE4CD}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=17 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"UDP Query User{E2BC1903-13F4-4F01-AAF9-0202170B089A}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}" = iTunes
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{40BD15A3-E031-5CF1-6994-550A4C059127}" = ATI Catalyst Install Manager
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6FA29B87-FED3-45A1-8A95-2FDEE0F6DD18}" = HP Photosmart C5300 All-In-One Driver Software 13.0 Rel. 4
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.1693
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = GX GAMING CAVIMANUS HEADSET
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{095FC6D2-DF7E-40C1-B4AF-FFB3EC472BEB}" = C5300
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{153898EE-EECA-471E-8E33-C8485EA84C07}" = QSS Installation Program
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Apple Application Support
"{235BBFC6-D863-4066-A01A-3BD504C31033}" = Nero 7 Ultra Edition
"{235BBFC6-D863-4066-A01A-3BD504C31051}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 29
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{567C4A87-9029-4001-ACF1-CFC0717EC1A0}" = PS_AIO_04_C5300_Software_Min
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9733747E-E53D-4C17-977E-3A872AFB93E1}" = ROCCAT Kone Mouse Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA0FE8DB-61C4-4098-9553-C842D3986DD2}" = C5300_NCL_Help
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.11) - Czech
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}" = Turbo Key
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E1AA8B0F-1176-36F1-8A91-AA19CF39C2F6}" = Google Chrome
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Avast" = Avast Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"HD Tune_is1" = HD Tune 2.55
"HLSW_is1" = HLSW v1.4.0.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Shockwave" = Shockwave
"STANDARD" = Microsoft Office Standard 2007
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"VLC media player" = VLC media player 2.1.1
"Winamp" = Winamp
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26. 1. 2015 20:38:50 | Computer Name = HeCToR-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 26. 1. 2015 20:43:45 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 26. 1. 2015 20:43:45 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 4:42:55 | Computer Name = HeCToR-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 27. 1. 2015 4:42:55 | Computer Name = HeCToR-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 27. 1. 2015 4:42:55 | Computer Name = HeCToR-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 27. 1. 2015 4:48:47 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 4:48:47 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 18:31:53 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 18:31:53 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ OSession Events ]
Error - 17. 11. 2014 12:06:21 | Computer Name = HeCToR-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 241
seconds with 60 seconds of active time. This session ended with a crash.

Error - 11. 1. 2015 14:03:34 | Computer Name = HeCToR-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 249
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26. 1. 2015 20:38:50 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search bola ukončená s chybou služby %%-1073473535.

Error - 26. 1. 2015 20:38:50 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 27. 1. 2015 4:42:37 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
Kód chyby: 126

Error - 27. 1. 2015 4:42:48 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Net Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 4:42:50 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Pml Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 4:42:57 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: SBRE

Error - 27. 1. 2015 18:25:59 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
Kód chyby: 126

Error - 27. 1. 2015 18:26:12 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Net Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 18:26:14 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Pml Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 18:26:19 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: SBRE


< End of report >
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: kontrola logu

#5 Příspěvek od altrok »

Vlozil jste jen Extras.txt
potrebuju i ten druhy OTL.txt
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

Re: kontrola logu

#6 Příspěvek od juraj228899 »

OTL Extras logfile created on: 28. 1. 2015 0:12:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HeCToR\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 67,62% Memory free
8,00 Gb Paging File | 6,65 Gb Available in Paging File | 83,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273,34 Gb Total Space | 205,60 Gb Free Space | 75,22% Space Free | Partition Type: NTFS
Drive D: | 322,73 Gb Total Space | 280,20 Gb Free Space | 86,82% Space Free | Partition Type: NTFS

Computer Name: HECTOR-PC | User Name: HeCToR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EFF3FE-F352-405D-BD2D-3C72C033D25C}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{0A0C38F6-AE22-4B5B-A889-382B2FC43C04}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0E5CD1C5-0990-425B-9398-98902B49D461}" = rport=137 | protocol=17 | dir=out | app=system |
"{15F42248-AE1D-4086-BF05-2A09949D1312}" = lport=137 | protocol=17 | dir=in | app=system |
"{17934463-039C-40DD-AE7B-938BCB783445}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{286C2DDF-F96B-4B1C-82E4-8521ACFC88EF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2B20D5AC-BD9B-4F54-B671-48C8292CE8E5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2EF2B008-78B6-4950-88D7-52491CE725A4}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2FEB8E70-3185-43AD-83BA-78AC2A1DD847}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{326B5AC1-76BD-4368-BB49-279E6857E6FA}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3A3F75B9-ACC0-4FC8-9DE7-666145F69CC0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43F89C78-3868-4F76-AF6B-B628C203E32E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44186CD4-9F02-4027-BADF-837B86029CF5}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{480A903E-711A-4585-B79B-6CDD7F4B5970}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{484DE3F2-4CF0-461C-8E7E-133837F1B57C}" = lport=138 | protocol=17 | dir=in | app=system |
"{523DE007-A9A5-4035-AA38-0B56DB4865DC}" = rport=139 | protocol=6 | dir=out | app=system |
"{5BE9B27D-A56C-42FA-9B58-9DC2FE3D5FC9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5F13C0D6-BE59-45FE-9CE4-885945FA001B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6963F6D6-6370-4E08-AF31-8EEBACE93447}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6A02569E-3CB1-4303-8FF8-993AEB044BD5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6DAE2EA5-AE71-4FB9-9DCB-6C6238356600}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6E7E1B0D-8018-4C7C-AC21-6226D82B2F27}" = rport=10243 | protocol=6 | dir=out | app=system |
"{701DC2AC-32C8-4D25-BEFE-0042BFAE4CCE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{7132A7BC-44B4-4AA0-AD48-B625C7735B06}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{728F6A0E-13B6-498E-9687-7EA8FE664F81}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{73BBE352-7E77-43A9-AC96-6B018709A77E}" = lport=445 | protocol=6 | dir=in | app=system |
"{78424208-BA02-41D0-BA27-B3222346CBC4}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7BA60DE7-59B2-42F4-B3E5-857FDCBDB68D}" = lport=139 | protocol=6 | dir=in | app=system |
"{89583BD4-5283-4565-BD76-022821ECD7FA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8ABB0907-5107-42D7-8A40-AF2194A30FA1}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8F957970-CEC8-46BC-83EE-FE7AD225A1ED}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{91992850-589E-44D4-B83C-6E22A3EE6F62}" = rport=445 | protocol=6 | dir=out | app=system |
"{98CAB6C1-15CB-4BDE-966E-F09871CF8C90}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9ADCE1C4-F5B6-4694-8BCE-86974E14A117}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A090D0A9-D9ED-49F3-8CD8-9E59DCAB7372}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A53D7A58-6A68-4784-85CC-930887A27477}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A804F737-0394-42D0-AA6E-E977863EF503}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{AA4BF829-B0E9-4A12-96CF-7E94E16DA26B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B16C7550-F505-427B-A6B6-D550E8CCBAA6}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B56C3085-7CCC-42BB-9192-6ABC9A5DA6C5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B96AC20A-DD2A-407D-A22F-9D24D6F42A2F}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{BE97B18D-054A-4499-9E23-D931DED6094A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=zdieľanie súborov a tlačiarní (služba zaraďovača – rpc-epmap) |
"{C031219F-9288-47C7-BA57-16A267254702}" = rport=138 | protocol=17 | dir=out | app=system |
"{C1386430-6040-4730-AE61-C8B9CEB28540}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CD996FE5-1652-4ADC-8723-3963F4CABAC7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0B2D43E-675E-4BCD-BFA7-C6FD8D055DF6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EF89BF71-B052-4BC1-A106-83E8CE7EC6CF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F3879E73-FF25-4C67-AC6A-EB5C9F5D2CDF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FCA6CBF6-1B07-4A07-8C29-A9A3EADC5D75}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B1784E-5049-4196-AFD7-F3D18F2BBF72}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{032980EB-1F3D-4E5B-B802-5B2E865CEC41}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\bin\steamwebhelper.exe |
"{048EE993-9DCD-45D1-BB5B-092397F466FE}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{06AD8868-01F6-42BB-B5B4-58A843A42C7C}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{0AAEB4B2-46B4-42B7-BDA1-F242D5C937EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0AD3E103-6A94-4627-8B51-F40B4DF2A0F0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B38BB59-BC23-4B60-8A52-3D28A8D300BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0C4BE4FD-3487-4B6A-B749-EC7D45E60AF3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0E04EA36-30B7-4911-BD39-BE81362A0323}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10239C74-342C-4994-9F50-54090309B550}" = protocol=6 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{108F09A7-5F40-4C3A-A045-A3DAB9F4B66D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10A15F34-DF6A-4622-8B8B-67FD8F398142}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10C06460-4326-4D5D-B368-15F2BFCCBA1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1123DA4F-91AA-407C-A658-83AE2A3B6DAA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{124182C1-6B41-4923-BBB8-C4AD12C61094}" = protocol=1 | dir=in | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv4 - prichádzajúce prenosy) |
"{1283CF04-D22B-40F8-A502-C77010475A02}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1685821D-7F8B-4DC2-90AD-DB7C44E4E433}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1925302F-A64A-4645-98F3-76B992350922}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{19337FC2-F843-4D8A-832F-B04D79218282}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{19D11AD5-FB75-44A4-B160-821680656F31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1A334A68-DCB3-4EC9-B870-03D9D7E3C14F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1B42ED01-82DC-4584-9459-801EF75A9648}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1BFD1ABC-5976-4154-9C72-57CED88C90B1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1E5080B7-6D55-4828-A77A-EB93C42FA30F}" = protocol=58 | dir=out | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv6 - odchádzajúce prenosy) |
"{25CDC8CA-D123-4824-A507-A135D4BE5FB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2689F330-D12D-4C4C-ACC3-EE3ADC3D5B09}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28FD2DAE-54C0-40FA-BC6C-38D7B9329F38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{290A0513-29C4-47F4-8275-1C0BA131DCE1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{293A0DDF-C136-46A9-90B7-6C34688B6C90}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A858801-657E-438E-99B1-77EE7BF2C63B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B2E49D3-7C95-4F3C-9E73-D24734AE372A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{303FC95A-6DC0-4E82-93F5-8C5B954C4DEC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3075C5C6-70FA-411E-BF2E-1E3D352EB4D7}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{30846296-A438-454E-B35F-C3EF5BB3ABEF}" = protocol=17 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{31599C8E-C94D-4CA2-B9E5-4D0F4D263AB8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{334AC3B0-7661-417C-8A95-E5BA368B7C46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{364A80F8-5B50-4EEC-9BC6-769AEFAE2AC1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{372E71A4-DB76-4EC9-9FE4-CB1828B309DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{37F8CDA5-97CE-4E6D-A04F-BCC2C54B58DD}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{3D3064B2-43AF-4513-952E-EF9AE031855C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3E27922B-336C-4E40-8786-2BFE3C6C7214}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{42495CC1-54AE-423D-A5E9-DA3897227854}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43F4B9EB-27B3-40A6-80E3-798CE60096D1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{452821A3-4905-46C0-8A1B-FB3B0E5B5F53}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{4646644F-0028-4158-990C-E6F31924FE9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4666E391-B16E-4DF2-8023-4F3BDE0BD06F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{49157683-6207-48CB-9A55-F436A0764895}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{49EF1973-940D-4E17-AE30-57194E36E633}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4BA4FAE2-90B5-4774-A32B-A250299FFBAA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{4C10C3A0-1FD6-47AA-8AF7-7998E47F11B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C843E77-1895-42B2-94AF-86EBB00186BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4CD28F21-9DD3-45E6-A969-C7808B46D781}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E327552-7F08-4A87-8B3E-E0FCFC91370C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F3800C7-AC31-4B97-994A-2E6E9577F43B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{502F5BF9-7BE5-4944-AF64-AF7EADDDB9FA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5214A16C-21B5-417E-BB42-E0B2350339A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{53021F11-784B-4BDA-B239-586596827A28}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{54F7E7D5-4F9C-43B3-A082-544B74F708F0}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{5909DDA8-7E81-4798-8DF9-F0C9CDFF7687}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5C6AEFF6-EEA5-478C-811E-FE3ABA02D997}" = protocol=1 | dir=in | name=hlsw icmp |
"{601EC8BC-5C1D-4A6D-9027-D6C5047CE5FC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{61A6A9B5-A20F-4E6F-8CB7-476DDD9B5102}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{635444D9-BDAD-40FB-9D8C-0EDF3FFFCB98}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{636A624D-7F50-42A6-8DEC-FC2E06D9F0B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64173DB1-D7CD-4D74-98E0-D16D918A0D52}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{647E327E-D668-49DA-B5B7-84F253616388}" = protocol=58 | dir=in | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv6 - prichádzajúce prenosy) |
"{64F89BDA-529A-4B5D-8FE1-5DD69E4F8ED4}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{650A5288-96C8-4B4F-8015-84EA4997E6E1}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{6783DB96-E57B-4460-B65D-7F6A0A1A3B48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67C1CFFD-B4B2-41EA-BD89-370F135A404D}" = protocol=17 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{6A54862E-E08E-444E-B6FC-778BF5F0F3D2}" = protocol=1 | dir=out | name=zdieľanie súborov a tlačiarní (žiadosť o echo - icmpv4 - odchádzajúce prenosy) |
"{6AA62B94-5971-4B4E-B5E4-3A38C372D4CE}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{6B0E7992-5054-4EA2-9757-032135F18D9B}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{6D5ACA6A-365A-45AB-9AD8-5961167E22A8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7206B377-760E-46FD-9E18-3282A80CA753}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7236C5EF-4ABD-4BD3-8A53-A035C0522392}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{7237E877-F32B-4762-BB02-EA39594E3B79}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7254D613-2A13-4DEB-BAB0-2861FF5CC3B6}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\bin\steamwebhelper.exe |
"{74158C12-C669-4FBC-962C-4156FB539B2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{765F0326-BE77-4660-9A76-B0EDBF9E2F5A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{7688C582-E7D2-4B5B-90EA-26A0477EF64C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{77DECB87-E948-489A-B88F-520069310FBE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{79464835-5A70-4D11-8B14-18968A8B94CF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{79B4B8F1-B535-41EF-B088-EFFF0F679094}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7A52FBA7-C699-4B34-A3D1-52BFACB2B4BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7D02AEF8-16CB-4B0E-B05E-4F3CBCBC7FC5}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{7ED90239-59FA-4F1E-8D6B-9CEB4A5AB193}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7FB4DD67-1994-4B1F-820D-218030E89D0C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{866766B2-9217-4438-A578-012BF03D489B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{87730556-7979-4CF3-AC26-6DE8650EAC3B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{8796FDE8-C025-4568-B2D2-28103FD338B2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{895F92EF-DDC9-4CF1-8A0B-6C2558853FA2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{901591C8-9D88-4771-A738-FD990E86CF29}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{916018DE-2A39-4DE7-A3C7-F373034E6809}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{948FDDE2-BC05-4636-8851-A74A259D53A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{94B0F6BA-91AB-4024-83B1-1CAB86B8B200}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{9845F55E-5273-45FA-A9B8-CFF15447809A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{996C5876-0728-43E5-8533-2A5E2C850072}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{998D3871-65DD-4FA2-B3E6-909D0D768192}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A8DAD25-0252-49E7-8157-60AE9A4DB745}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{9C035D89-13E9-43B7-B2AE-3F1976CFC63C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{9D1BFB6A-4D49-4C1E-9027-9F538FBA480A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9E21008F-4DE1-4D2E-8CB3-536D7D08E353}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{A29545CA-2DF3-40D4-A1F1-55627338D4E6}" = dir=in | app=d:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"{A39ED8E2-AECC-46BD-8A56-7A63F3AC1885}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A6B84B2A-DDC6-4676-A840-313A5F42E35D}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{A7840372-50B4-4A56-BDA1-FD8DC8E8EB34}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8A2E48F-8488-4CEE-8E56-BAAE4DD5C1BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ABF80058-F902-4D32-9F01-A3D83BB8D688}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{AC5500E6-3ACE-4F33-821B-0C237CD6DE61}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AD702EAD-A6B4-4E5E-9116-1343662AF8A4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADB61BBC-2CDC-45A9-B414-5F35A1CF86B7}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{ADDF94CE-5D22-42F4-B273-8E4CFF5F247E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AFE7DF34-B72F-429B-8828-07621D2DBA7E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{B23A708B-B9E7-439B-A021-3F0B154016D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B27CE49A-3EAA-4610-B0CB-69C083C655EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B344BD2D-9D9A-44C1-87CF-E008125D7112}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B37069FF-0E83-4297-8ECD-F855957E914F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B4523001-B7AE-492B-B3AA-B1F6E2CC28F7}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{B72E0CE8-E631-4858-9D63-48A01F06D98A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BBC577A2-730B-46FA-B3BC-03E65893B843}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC61B0E3-3A4D-4A2F-87C2-F54C5FF8BCA9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BD614B7E-4DA1-4641-820C-823023A4A489}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{BDF40FD9-90A4-4CED-9A6D-65A1772A7E0D}" = protocol=6 | dir=out | app=system |
"{C1CC25FA-147D-4099-967A-ADC99CCFD808}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C240637D-5520-4258-9F06-221D3F793FF8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C2B9BD4A-DAE5-48AC-A244-9FF7F02F2884}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{C323CCD0-8698-408D-81B3-A44C91CF34ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C48EADDF-554A-4EBA-ADD0-274AE278063C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C5CC0FC6-A4F4-4985-8029-0CF6E78F2CFF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C6128B6E-442D-4251-A536-01BB35C38BCE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{C9C43506-EE61-4CC5-96A0-F3EF79FB1982}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA66718F-34EC-408A-9B05-530F6A339616}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CAA8A904-C7FE-4C5E-84A9-941044247A29}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CDAD7783-0EA2-43CB-AEDA-7C95635AFA0A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CDBE97AE-6D05-4ED9-B750-56B751B8F258}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE1464A2-4AEB-49B5-BB33-7F142C485736}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{D07045C7-67CD-4E33-A1CB-276A711B6B71}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D09D4013-84E8-4E80-9D8D-34F3CEA21957}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{D10BCF07-23B0-4B44-A27E-60A3280777E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D1BCAD04-5C91-4CF1-B5D1-12C78801614F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2AB7B1B-0A22-4869-8174-F49AE7F35BBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3162736-1B24-4E30-B3F4-4D95CF9FAB16}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3C9DF15-10BA-4BE8-90DF-35084D4E9AD9}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{D580329E-073E-403F-B146-267FFF993143}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D5929045-96E6-4E97-905D-054601E7EC8C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8754D21-15FA-4FB4-86C9-831247AE8CF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB54EED5-06FC-4713-8B98-49A13C3C3719}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{DCF3D4AD-1E54-46B2-A134-D7DC45195361}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DE2FFAAD-3FC3-4D3B-A6E6-57BA823025C3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E1BB10AD-8D18-4C32-9791-6D5ECD96858B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{E3D778BC-374A-4527-8D94-4E0627F3E31B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5D31F14-48A8-452E-B6B1-D3B0CBB4E745}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E65421E4-DA45-47D6-8FC5-887761254AF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E75FEEBA-6D97-453E-896B-C2F63510AE8D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB19AD90-4A78-4EE9-87AA-BA00A1FDA5E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB8E99A7-FE73-43B2-9BA9-7D37293A1089}" = protocol=6 | dir=in | app=c:\users\hector\appdata\roaming\utorrent\utorrent.exe |
"{EBB22D4A-4E9F-4AB9-A9E6-0E48465381A1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EF66A196-381A-48EC-859E-9F4392BF4476}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{EFFBB69A-21F4-4420-8600-0A2BE376A8B9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F0E9F919-AAC9-4CFF-86B3-782D8AA9309B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F1110064-4D1E-4AB3-88B3-D10E2C1F05AC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F1ADF0B5-2657-469C-91C5-10DDF03A061C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F424301F-CC13-4F59-96CD-8C199F4DD1D4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F448613C-6048-4125-8110-1830B8302F91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F4513329-0269-47E7-93C2-2D8FF53B2D90}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{F490C467-1D9E-4273-AC03-41F5CEE8A4C7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F579334B-6139-46DC-93C6-CB0FDD13041E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F57F970A-AFB2-488D-817C-4844654F1B78}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F70DC48F-243A-41D8-AC8D-B97907BBE4B4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F71388D3-6A72-41E0-8705-41350FAF32BC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F791BB53-5BF3-4ED8-B10D-C6A6BBF06131}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7E6D5F2-530F-4B40-8C93-20C5DBA1798F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F8951B56-6A48-4770-B4B7-6EB220C14170}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{FAC14280-AA9A-499F-8032-40C6E388DAB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FB9461F7-51F1-4EF1-B29D-1210B1961F74}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{FD567EA0-CBF7-4B37-991B-01C0EF2FAAB0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEC7BF18-FE0B-471E-B7DA-40979596EAE6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{FEC89DC9-68B5-4269-A285-173DBA9AE2D7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{1463F53A-A62B-456C-AB7E-7A4A5A281C8E}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=6 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"TCP Query User{180D656B-B6A5-46B7-B599-7402C55FD920}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{465750E6-5CAF-4429-B315-E6758B9BDBC0}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{4B26CFDF-7604-45F6-9F16-640F2BA72FFB}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{80356DEA-0455-4E1B-A21D-AB275C6223D6}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=6 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"TCP Query User{B1FDA88B-2E1E-4835-9E47-C971DDCB4AF3}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B52412C6-211C-48D5-B559-31B8A8B3118F}D:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe |
"TCP Query User{C3DF136E-9783-4F51-9235-612ABD11D3CB}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{E9BFC619-937F-40A1-BBFA-E73C04224B87}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{EFDEFE41-E955-49E1-8EA7-86D2CD83B3AA}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{35E6EF0E-51C0-4590-9962-96227EE24937}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{41723BA1-FF79-48A0-8B4D-3A10F6D535E5}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{471D440B-F3C5-4B6B-B158-818123E2505B}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{491B0846-D4C3-43F8-A68C-179501686B8B}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=17 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"UDP Query User{5D88DEE0-995E-4963-93C8-D48756AF4585}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{67C077CD-40B0-4682-8AF7-251493E321FC}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{926F4F03-AAB9-4B14-A4C6-2371AF9CC359}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{C019B0EE-8E53-4D11-8146-EB1FFFE5F038}D:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe |
"UDP Query User{DA80D72D-BAE3-4E4B-8D44-A4013F2DE4CD}D:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=17 | dir=in | app=d:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"UDP Query User{E2BC1903-13F4-4F01-AAF9-0202170B089A}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}" = iTunes
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{40BD15A3-E031-5CF1-6994-550A4C059127}" = ATI Catalyst Install Manager
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6FA29B87-FED3-45A1-8A95-2FDEE0F6DD18}" = HP Photosmart C5300 All-In-One Driver Software 13.0 Rel. 4
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.1693
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = GX GAMING CAVIMANUS HEADSET
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{095FC6D2-DF7E-40C1-B4AF-FFB3EC472BEB}" = C5300
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{153898EE-EECA-471E-8E33-C8485EA84C07}" = QSS Installation Program
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Apple Application Support
"{235BBFC6-D863-4066-A01A-3BD504C31033}" = Nero 7 Ultra Edition
"{235BBFC6-D863-4066-A01A-3BD504C31051}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 29
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{567C4A87-9029-4001-ACF1-CFC0717EC1A0}" = PS_AIO_04_C5300_Software_Min
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9733747E-E53D-4C17-977E-3A872AFB93E1}" = ROCCAT Kone Mouse Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA0FE8DB-61C4-4098-9553-C842D3986DD2}" = C5300_NCL_Help
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.11) - Czech
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}" = Turbo Key
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E1AA8B0F-1176-36F1-8A91-AA19CF39C2F6}" = Google Chrome
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Avast" = Avast Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"HD Tune_is1" = HD Tune 2.55
"HLSW_is1" = HLSW v1.4.0.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Shockwave" = Shockwave
"STANDARD" = Microsoft Office Standard 2007
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"VLC media player" = VLC media player 2.1.1
"Winamp" = Winamp
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26. 1. 2015 20:38:50 | Computer Name = HeCToR-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 26. 1. 2015 20:43:45 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 26. 1. 2015 20:43:45 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 4:42:55 | Computer Name = HeCToR-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 27. 1. 2015 4:42:55 | Computer Name = HeCToR-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 27. 1. 2015 4:42:55 | Computer Name = HeCToR-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 27. 1. 2015 4:48:47 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 4:48:47 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 18:31:53 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27. 1. 2015 18:31:53 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ OSession Events ]
Error - 17. 11. 2014 12:06:21 | Computer Name = HeCToR-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 241
seconds with 60 seconds of active time. This session ended with a crash.

Error - 11. 1. 2015 14:03:34 | Computer Name = HeCToR-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 249
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26. 1. 2015 20:38:50 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search bola ukončená s chybou služby %%-1073473535.

Error - 26. 1. 2015 20:38:50 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 27. 1. 2015 4:42:37 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
Kód chyby: 126

Error - 27. 1. 2015 4:42:48 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Net Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 4:42:50 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Pml Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 4:42:57 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: SBRE

Error - 27. 1. 2015 18:25:59 | Computer Name = HeCToR-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
Kód chyby: 126

Error - 27. 1. 2015 18:26:12 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Net Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 18:26:14 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7023
Description = Služba Pml Driver HPZ12 bola ukončená s nasledujúcou chybou: %%2

Error - 27. 1. 2015 18:26:19 | Computer Name = HeCToR-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: SBRE


< End of report >
Nahoru
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

Re: kontrola logu

#7 Příspěvek od juraj228899 »

OTL logfile created on: 28. 1. 2015 0:12:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HeCToR\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 67,62% Memory free
8,00 Gb Paging File | 6,65 Gb Available in Paging File | 83,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273,34 Gb Total Space | 205,60 Gb Free Space | 75,22% Space Free | Partition Type: NTFS
Drive D: | 322,73 Gb Total Space | 280,20 Gb Free Space | 86,82% Space Free | Partition Type: NTFS

Computer Name: HECTOR-PC | User Name: HeCToR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/01/28 00:10:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HeCToR\Desktop\OTL.exe
PRC - [2014/12/13 01:47:37 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/12/13 01:12:55 | 002,531,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/12/13 01:12:52 | 001,701,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/11/01 13:28:43 | 005,223,016 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/10/25 14:51:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/05/08 12:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/15 18:55:54 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009/04/02 05:27:28 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe


========== Modules (No Company Name) ==========

MOD - [2014/10/25 14:51:52 | 038,561,576 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/12/13 01:12:52 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/12/13 01:12:51 | 019,823,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/10/25 14:51:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/07/23 00:31:23 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/03/29 09:04:12 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Pml Driver HPZ12)
SRV:64bit: - [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (Net Driver HPZ12)
SRV - [2015/01/25 22:20:09 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/13 01:47:37 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/12/13 01:12:52 | 001,701,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/05/08 12:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/15 18:55:54 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/14 16:12:34 | 000,954,368 | ---- | M] (Wireless) [Disabled | Stopped] -- C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe -- (jswpsapi)
SRV - [2009/08/14 16:12:34 | 000,265,216 | ---- | M] (Wireless) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe -- (jswpbapi)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/02 05:27:28 | 000,090,112 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/01/27 00:58:56 | 000,035,064 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2014/12/13 01:12:51 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/11/22 16:41:47 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/11/22 11:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/11/01 13:28:43 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswmonflt.sys -- (aswMonFlt)
DRV:64bit: - [2014/10/25 14:51:52 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/10/25 14:51:52 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/10/25 14:51:52 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/10/25 14:51:52 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/10/25 14:51:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/10/25 14:51:52 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/10/09 18:02:39 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/20 16:45:58 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 02:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/08/04 21:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/01/05 03:23:20 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009/11/18 10:55:50 | 001,308,160 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10864.sys -- (USBPNPA)
DRV:64bit: - [2009/09/21 09:33:06 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009/08/14 16:12:34 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2009/07/16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 05:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/11 13:56:54 | 000,015,488 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Kone.sys -- (KoneFltr)
DRV - [2014/10/24 23:16:34 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\EEK\bin\cleanhlp64.sys -- (cleanhlp)
DRV - [2009/09/21 09:33:06 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F F8 59 F1 EA 2C CB 01 [binary data]
IE - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin: C:\Program Files (x86)\Java\jre6\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: D:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{17E113E6-CD0E-4045-B154-65F0E57959EF}: C:\PROGRAM FILES\IMPI\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/22 19:48:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{17E113E6-CD0E-4045-B154-65F0E57959EF}: C:\Program Files\IMPI\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/10/25 14:51:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/22 19:48:37 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpmccoingipfnbiilpihobmeikpgdcfi\10.82.4.30072_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2015/01/27 01:24:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll File not found
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll File not found
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll File not found
O4:64bit: - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-2835872318-1652769558-430925286-1000..\Run: [CCleaner Monitoring] C:\Program Files (x86)\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2835872318-1652769558-430925286-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKU\S-1-5-21-2835872318-1652769558-430925286-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27E4EDC2-8BCF-4BB3-843E-C261C446C222}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\Windows\SysWow64\KMVIDC32.DLL ()
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\Iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015/01/28 00:10:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\HeCToR\Desktop\OTL.exe
[2015/01/27 09:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2015/01/27 09:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2015/01/27 01:26:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015/01/27 01:15:39 | 005,610,622 | R--- | C] (Swearware) -- C:\Users\HeCToR\Desktop\ComboFix.exe
[2015/01/27 00:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2015/01/27 00:41:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2015/01/27 00:22:21 | 000,000,000 | ---D | C] -- C:\Users\HeCToR\AppData\Roaming\SUPERAntiSpyware.com
[2015/01/27 00:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2015/01/27 00:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2015/01/27 00:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2015/01/21 18:05:07 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2015/01/21 18:05:07 | 001,291,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2015/01/21 18:04:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2015/01/21 18:04:10 | 000,620,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015/01/21 18:03:42 | 002,558,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2015/01/21 18:01:35 | 032,099,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015/01/21 18:01:35 | 024,764,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015/01/21 18:01:35 | 018,594,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2015/01/21 18:01:35 | 017,264,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015/01/21 18:01:35 | 016,040,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2015/01/21 18:01:35 | 014,128,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2015/01/21 18:01:35 | 013,288,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015/01/21 18:01:35 | 013,202,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015/01/21 18:01:35 | 010,770,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015/01/21 18:01:35 | 010,710,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015/01/21 18:01:35 | 003,610,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015/01/21 18:01:35 | 003,248,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015/01/21 18:01:35 | 001,895,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434709.dll
[2015/01/21 18:01:35 | 001,556,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434709.dll
[2015/01/21 18:01:35 | 001,540,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2015/01/21 18:01:35 | 000,994,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015/01/21 18:01:35 | 000,968,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015/01/21 18:01:35 | 000,942,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015/01/21 18:01:35 | 000,928,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015/01/21 18:01:35 | 000,906,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015/01/21 18:01:35 | 000,876,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015/01/21 18:01:35 | 000,353,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015/01/21 18:01:35 | 000,306,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015/01/21 18:01:35 | 000,195,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015/01/21 18:01:35 | 000,178,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015/01/21 18:01:35 | 000,165,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015/01/21 18:01:35 | 000,038,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2015/01/21 18:01:35 | 000,032,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2015/01/21 18:01:35 | 000,030,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015/01/21 18:01:34 | 025,460,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015/01/21 18:01:34 | 020,465,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015/01/02 17:32:26 | 000,000,000 | ---D | C] -- C:\Program Files\EA SPORTS
[2015/01/01 16:46:58 | 000,000,000 | ---D | C] -- C:\Users\HeCToR\Documents\NHL 2004
[2015/01/01 16:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA SPORTS
[2014/03/14 18:45:57 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe
[2014/03/14 18:45:57 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files (x86)\Common Files\ApnStub.exe
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/01/28 00:13:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/01/28 00:10:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HeCToR\Desktop\OTL.exe
[2015/01/27 23:33:40 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/27 23:33:40 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/27 23:33:36 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/27 23:31:53 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/27 23:31:53 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/27 23:31:53 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/27 23:28:34 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/27 23:25:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/01/27 23:25:53 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/27 11:20:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/01/27 09:50:41 | 000,000,926 | ---- | M] () -- C:\Users\HeCToR\Desktop\HD Tune.lnk
[2015/01/27 01:38:14 | 000,000,512 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 753a0dfa-182f-4240-9a09-a27f1271da22.job
[2015/01/27 01:38:13 | 000,000,512 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 10fb802b-9913-4c0d-9a54-33107ba969e3.job
[2015/01/27 01:24:55 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015/01/27 01:15:49 | 005,610,622 | R--- | M] (Swearware) -- C:\Users\HeCToR\Desktop\ComboFix.exe
[2015/01/27 00:58:56 | 000,035,064 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/01/27 00:58:46 | 015,431,256 | ---- | M] () -- C:\Users\HeCToR\Desktop\RogueKiller.exe
[2015/01/27 00:22:08 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2015/01/27 00:04:35 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/01/26 02:23:49 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2015/01/26 02:23:49 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015/01/25 22:31:42 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2015/01/25 22:20:09 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/01/25 22:20:09 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/01/23 19:57:06 | 000,001,335 | ---- | M] () -- C:\Windows\Cm108.ini.imi
[2015/01/23 18:05:16 | 000,002,029 | ---- | M] () -- C:\Windows\Cm108.ini.cfl
[2015/01/23 18:05:11 | 000,000,133 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2015/01/23 18:05:07 | 000,000,715 | ---- | M] () -- C:\Windows\System\Cm108.ini
[2015/01/19 11:57:18 | 004,445,153 | ---- | M] () -- C:\Users\HeCToR\Desktop\Betsie Larkin & Andy Moor - Not Afraid.mp3
[2015/01/19 11:23:09 | 004,975,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/01/18 22:40:36 | 000,000,363 | ---- | M] () -- C:\Users\HeCToR\Desktop\Počítač.lnk
[2015/01/14 18:05:09 | 000,053,101 | ---- | M] () -- C:\Users\HeCToR\Desktop\10322436_655474504526701_2364935983710632295_n.jpg
[2015/01/01 16:43:23 | 000,000,771 | ---- | M] () -- C:\Windows\eReg.dat
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/01/28 00:13:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/01/27 09:50:41 | 000,000,926 | ---- | C] () -- C:\Users\HeCToR\Desktop\HD Tune.lnk
[2015/01/27 00:58:56 | 000,035,064 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/01/27 00:58:31 | 015,431,256 | ---- | C] () -- C:\Users\HeCToR\Desktop\RogueKiller.exe
[2015/01/27 00:22:28 | 000,000,512 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 753a0dfa-182f-4240-9a09-a27f1271da22.job
[2015/01/27 00:22:27 | 000,000,512 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 10fb802b-9913-4c0d-9a54-33107ba969e3.job
[2015/01/27 00:22:08 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2015/01/21 17:49:51 | 004,151,176 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2015/01/19 11:57:13 | 004,445,153 | ---- | C] () -- C:\Users\HeCToR\Desktop\Betsie Larkin & Andy Moor - Not Afraid.mp3
[2015/01/18 22:40:36 | 000,000,363 | ---- | C] () -- C:\Users\HeCToR\Desktop\Počítač.lnk
[2015/01/14 18:05:08 | 000,053,101 | ---- | C] () -- C:\Users\HeCToR\Desktop\10322436_655474504526701_2364935983710632295_n.jpg
[2014/10/24 20:26:24 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/07/26 21:15:25 | 000,000,132 | ---- | C] () -- C:\Users\HeCToR\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2014/03/14 18:49:45 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2013/12/24 15:07:07 | 000,000,771 | ---- | C] () -- C:\Windows\eReg.dat
[2013/09/01 16:40:35 | 000,763,706 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/20 19:05:29 | 000,007,648 | ---- | C] () -- C:\Users\HeCToR\AppData\Local\Resmon.ResmonCfg
[2011/03/13 18:25:27 | 000,012,800 | ---- | C] () -- C:\Users\HeCToR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/08/30 06:25:09 | 014,173,184 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/08/30 05:21:25 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/15 18:45:20 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Auslogics
[2014/10/25 14:52:25 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\AVAST Software
[2014/03/23 16:18:20 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2015/01/04 16:13:53 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\DAEMON Tools Lite
[2015/01/26 02:36:51 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\HLSW
[2011/12/31 20:10:03 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\LolClient
[2012/05/25 07:14:51 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\LolClient2
[2014/02/09 21:42:30 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Opera
[2010/12/08 11:23:09 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\PC Suite
[2012/02/16 22:31:42 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\RegGenie
[2010/07/22 16:13:35 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\ROCCAT
[2014/07/26 21:05:38 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015/01/27 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\uTorrent
[2014/03/14 18:50:03 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\VDownloader
[2013/11/18 17:13:07 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\wargaming.net

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,514 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(20).TXT
[2009/07/14 06:08:49 | 000,032,526 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:08:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(22).TXT
[2009/07/14 06:08:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(60).TXT
[2012/10/25 08:50:38 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/03/02 23:11:27 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/03/02 23:11:28 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015/01/27 00:22:27 | 000,000,512 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 10fb802b-9913-4c0d-9a54-33107ba969e3.job
[2015/01/27 00:22:28 | 000,000,512 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 753a0dfa-182f-4240-9a09-a27f1271da22.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\ERDNT\cache64\cryptsvc.dll
[2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\ERDNT\cache86\cryptsvc.dll
[2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\ERDNT\cache64\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\ERDNT\cache64\ndis.sys
[2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010/11/20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011/03/11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011/03/11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/09/29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\ERDNT\cache64\ws2_32.dll
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\ERDNT\cache86\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >
Nahoru
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

Re: kontrola logu

#8 Příspěvek od juraj228899 »

< %systemroot%*.* /U /s >
[18 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[55 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/07/26 21:09:49 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Adobe
[2014/07/26 21:05:38 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Adobe Mini Bridge CS5
[2010/07/22 02:06:24 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\AdobeUM
[2013/01/20 20:05:24 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Ahead
[2013/07/05 15:39:55 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Apple Computer
[2013/12/15 18:45:20 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Auslogics
[2014/10/25 14:52:25 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\AVAST Software
[2014/03/23 16:18:20 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2015/01/04 16:13:53 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\DAEMON Tools Lite
[2015/01/26 02:36:51 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\HLSW
[2010/09/04 11:26:52 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\HP
[2010/07/22 01:48:30 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Identities
[2014/10/25 15:21:00 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\LavasoftStatistics
[2011/12/31 20:10:03 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\LolClient
[2012/05/25 07:14:51 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\LolClient2
[2010/07/22 16:16:34 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Macromedia
[2015/01/27 00:42:16 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Malwarebytes
[2009/07/14 08:54:31 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Media Center Programs
[2013/01/13 19:33:41 | 000,000,000 | --SD | M] -- C:\Users\HeCToR\AppData\Roaming\Microsoft
[2013/12/28 06:22:51 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\NVIDIA
[2014/02/09 21:42:30 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Opera
[2010/12/08 11:23:09 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\PC Suite
[2012/02/16 22:31:42 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\RegGenie
[2010/07/22 16:13:35 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\ROCCAT
[2010/09/05 09:54:27 | 000,000,000 | RH-D | M] -- C:\Users\HeCToR\AppData\Roaming\SecuROM
[2015/01/17 17:05:55 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Skype
[2011/11/21 16:30:42 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\skypePM
[2014/07/26 21:05:38 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015/01/27 00:22:21 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\SUPERAntiSpyware.com
[2015/01/27 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\uTorrent
[2014/03/14 18:50:03 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\VDownloader
[2015/01/24 19:23:27 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\vlc
[2013/11/18 17:13:07 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\wargaming.net
[2014/05/01 00:06:53 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\Winamp
[2010/07/26 21:29:51 | 000,000,000 | ---D | M] -- C:\Users\HeCToR\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2015/01/01 16:02:42 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\HeCToR\AppData\Roaming\uTorrent\uTorrent.exe
[2014/02/02 04:08:54 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\HeCToR\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014/05/18 21:38:33 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\HeCToR\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014/07/14 18:52:56 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\HeCToR\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
[2014/10/19 02:02:16 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\HeCToR\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
[2015/01/01 16:02:42 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\HeCToR\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/01/25 22:20:09 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2015/01/25 22:20:09 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2015/01/25 22:31:42 | 000,281,768 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2015/01/26 02:23:49 | 000,281,768 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2015/01/26 02:23:49 | 000,281,768 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR -- [2015/01/20 22:02:00 | 007,404,312 | ---- | M] (Piriform Ltd)
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2014/12/15 21:39:06 | 007,780,120 | ---- | M] (SUPERAntiSpyware)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/01/28 00:13:56 | 000,000,512 | ---- | M] () MD5=FC706A380EBABB9C4B688163836BF14C -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014/07/14 18:52:41 | 000,005,139 | ---- | M] () -- \Users\HeCToR\AppData\Roaming\uTorrent\NFS 14_Crack only.torrent
[2010/11/01 16:38:29 | 000,003,854 | ---- | M] () -- \Users\HeCToR\AppData\Roaming\uTorrent\Registry Reviver 1.2.61 Software + Crack.1.torrent
[2010/11/01 16:25:44 | 000,003,854 | ---- | M] () -- \Users\HeCToR\AppData\Roaming\uTorrent\Registry Reviver 1.2.61 Software + Crack.torrent

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011/11/26 19:05:20 | 000,000,723 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.0_0\img\ajax-loader.gif.vir
[2011/11/26 19:05:20 | 000,000,941 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.0_0\js\FMLoader_Obfs.js.vir
[2013/11/14 12:55:31 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\331.82\Win8_WinVista_Win7_64\English\GFExperience\ExtensionLoader.dll
[2014/12/13 01:12:42 | 001,173,136 | ---- | M] () -- \NVIDIA\DisplayDriver\347.09\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014/12/13 01:12:52 | 000,888,464 | ---- | M] () -- \NVIDIA\DisplayDriver\347.09\Win8_WinVista_Win7_64\International\NVI2\NVDownloader.dll
[2014/12/13 01:11:35 | 000,028,515 | ---- | M] () -- \NVIDIA\DisplayDriver\347.09\Win8_WinVista_Win7_64\International\NVI2\NVI2DownloaderExt.CFG
[2014/12/13 01:12:52 | 000,850,576 | ---- | M] () -- \NVIDIA\DisplayDriver\347.09\Win8_WinVista_Win7_64\International\NVI2\NVI2DownloaderExt.DLL
[2010/03/09 03:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010/03/09 00:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010/03/09 00:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010/03/09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2006/11/09 21:31:32 | 000,163,840 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2014/07/03 12:20:06 | 000,007,281 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2009/05/21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/09/20 12:15:26 | 000,030,776 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/09/20 12:15:26 | 000,002,713 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2014/12/13 01:12:42 | 001,173,136 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2014/06/10 16:42:34 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014/06/10 16:42:34 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014/06/10 16:42:30 | 000,070,464 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014/06/10 16:42:30 | 000,085,312 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014/01/28 13:09:50 | 000,882,176 | ---- | M] () -- \Program Files (x86)\VDownloader\VDownloader.exe
[2011/03/06 16:42:30 | 000,015,086 | ---- | M] () -- \Program Files (x86)\VDownloader\VDownloader.ico
[2014/01/28 13:09:50 | 000,605,696 | ---- | M] () -- \Program Files (x86)\VDownloader\VDownloader.pdb
[2014/01/28 12:28:16 | 000,371,712 | ---- | M] () -- \Program Files (x86)\VDownloader\VDownloaderUI.dll
[2013/03/21 16:50:48 | 004,136,960 | ---- | M] () -- \Program Files (x86)\VDownloader\Addons\npVDownloader.dll
[2012/06/16 10:09:42 | 000,004,810 | ---- | M] () -- \Program Files (x86)\VDownloader\Addons\FireFox\Vdownloader.xpi
[2011/08/18 17:14:18 | 000,000,247 | ---- | M] () -- \Program Files (x86)\VDownloader\Addons\FireFox\chrome\content\vdownloader.xul
[2014/01/28 12:28:18 | 000,053,248 | ---- | M] () -- \Program Files (x86)\VDownloader\ar\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,053,248 | ---- | M] () -- \Program Files (x86)\VDownloader\de\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,053,248 | ---- | M] () -- \Program Files (x86)\VDownloader\es\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,053,248 | ---- | M] () -- \Program Files (x86)\VDownloader\fr\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,040,960 | ---- | M] () -- \Program Files (x86)\VDownloader\hu\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,049,152 | ---- | M] () -- \Program Files (x86)\VDownloader\it\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,049,152 | ---- | M] () -- \Program Files (x86)\VDownloader\ja\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,032,768 | ---- | M] () -- \Program Files (x86)\VDownloader\ko\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,049,152 | ---- | M] () -- \Program Files (x86)\VDownloader\nl\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,032,768 | ---- | M] () -- \Program Files (x86)\VDownloader\pl\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,040,960 | ---- | M] () -- \Program Files (x86)\VDownloader\pt-BR\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,057,344 | ---- | M] () -- \Program Files (x86)\VDownloader\ru\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,018,944 | ---- | M] () -- \Program Files (x86)\VDownloader\sr\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,036,864 | ---- | M] () -- \Program Files (x86)\VDownloader\sr-Cyrl-CS\VDownloader.resources.dll
[2014/01/28 12:28:18 | 000,045,056 | ---- | M] () -- \Program Files (x86)\VDownloader\tr\VDownloader.resources.dll
[2013/10/04 12:48:04 | 000,865,280 | ---- | M] () -- \Program Files (x86)\VDownloader\VDownloader_Secure\VDownloader.exe
[2014/01/28 12:28:18 | 000,045,056 | ---- | M] () -- \Program Files (x86)\VDownloader\zh-CHS\VDownloader.resources.dll
[2010/02/10 17:10:14 | 000,045,056 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2014/10/25 14:51:51 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014/10/25 14:51:51 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2013/11/14 12:55:31 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{3021B980-4D44-4C0F-BBE2-C2941F47FB2C}\ExtensionLoader.dll
[2014/03/14 18:49:45 | 000,001,157 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2014/03/14 18:49:45 | 000,001,157 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2014/07/29 17:58:10 | 000,000,271 | ---- | M] () -- \Users\HeCToR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpmccoingipfnbiilpihobmeikpgdcfi\10.82.4.30072_0\js\URILoaderContentScript.js
[2010/10/10 17:47:05 | 000,057,728 | ---- | M] () -- \Users\HeCToR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010/10/10 17:47:05 | 000,057,728 | ---- | M] () -- \Users\HeCToR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010/10/10 17:47:05 | 000,057,728 | ---- | M] () -- \Users\HeCToR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2014/07/01 10:46:16 | 000,072,638 | ---- | M] () -- \Users\HeCToR\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/01 10:46:16 | 000,003,032 | ---- | M] () -- \Users\HeCToR\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/01 10:46:16 | 000,006,012 | ---- | M] () -- \Users\HeCToR\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/01 10:46:16 | 000,021,956 | ---- | M] () -- \Users\HeCToR\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/01 10:46:16 | 000,009,772 | ---- | M] () -- \Users\HeCToR\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/03/14 18:49:45 | 000,001,163 | ---- | M] () -- \Users\HeCToR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk
[2011/09/24 18:15:43 | 003,210,794 | ---- | M] () -- \Users\HeCToR\Desktop\HeCToR\Hudba\2011.5\Driftwood - Freeloader.mp3
[2014/03/14 18:49:45 | 000,001,139 | ---- | M] () -- \Users\Public\Desktop\VDownloader.lnk
[2012/02/25 17:20:26 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2015/01/28 00:10:43 | 000,023,060 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2009/09/30 17:39:46 | 002,199,375 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 08:44:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 08:44:39 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 08:44:39 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 08:44:39 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 08:44:39 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012/01/08 18:05:11 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/01/08 18:05:11 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012/01/08 18:05:11 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012/01/08 18:05:11 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012/01/08 18:05:11 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 08:43:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/01/28 12:28:14 | 000,065,536 | ---- | M] () -- \Program Files (x86)\VDownloader\Core.XmlSerializers.dll
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/09/20 11:42:04 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009/09/20 11:42:04 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/01/08 19:56:40 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/01/08 20:10:15 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2012/01/08 20:02:55 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\1377c29b871c7eb768769b5f4bdbb15d\System.Runtime.Serialization.ni.dll
[2012/01/08 19:49:08 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/01/14 23:32:40 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2012/01/15 22:32:16 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/01/15 22:34:36 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2012/01/15 22:36:30 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\6cd778cd2c8c61130ff71ee7a685222b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/01/15 22:36:18 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\f68180d9f4ade9c313f9ad20422eb1c0\System.Runtime.Serialization.ni.dll
[2012/01/15 22:40:18 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\59e70022e798ce28f9f5b8870c5c8bf2\System.Xml.Serialization.ni.dll
[2012/01/12 21:31:11 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/01/12 21:31:09 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/01/12 21:31:15 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 08:44:15 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009/07/14 08:44:15 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2009/07/14 08:44:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009/07/14 08:44:20 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009/06/10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009/06/10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/01/08 18:04:33 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012/01/08 18:04:33 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009/07/14 08:44:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009/07/14 08:44:38 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011/02/05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009/07/14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010/11/20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009/07/14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010/11/20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009/07/14 08:43:49 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009/07/14 08:44:15 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:7D6EC5BE
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B755D674
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:196FC0A6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:1AAB2E68

< End of report >
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: kontrola logu

#9 Příspěvek od altrok »

:arrow: Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic :shock:

:arrow: Protoze jste pri spusteni ComboFixu souhlasil s podminkami uziti, predpokladam, ze jste osoba pro praci s nim vyskolena nebo Vam alespon osoba zkusena asistovala. Poprosim Vas jeste o obsah CFScriptu, ktery je casto pro docisteni nutny. CF navic smazalo cast stop po haveti, takze je dost mozne, ze tam mate zalezleho neco, co ani v OTM neni videt...
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

Re: kontrola logu

#10 Příspěvek od juraj228899 »

myslim že tento OS nie je legalní,daval mi ho tam totiž kamarát. a ohladom ComboFix,spustil som ho sam,nikto mi s tým nepomahal
Nahoru
juraj228899
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 27 led 2015 01:41

Re: kontrola logu

#11 Příspěvek od juraj228899 »

ComboFix 15-01-27.01 - HeCToR . 01. 2015 1:19.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.4095.1511 [GMT 1:00]
Running from: c:\users\HeCToR\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\STFB6B9.tmp
.
.
((((((((((((((((((((((((( Files Created from 2014-12-27 to 2015-01-27 )))))))))))))))))))))))))))))))
.
.
2015-01-27 00:24 . 2015-01-27 00:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-27 00:24 . 2015-01-27 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-26 23:58 . 2015-01-26 23:58 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-26 23:58 . 2015-01-26 23:58 -------- d-----w- c:\programdata\RogueKiller
2015-01-26 23:41 . 2015-01-26 23:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2015-01-26 23:22 . 2015-01-26 23:22 -------- d-----w- c:\users\HeCToR\AppData\Roaming\SUPERAntiSpyware.com
2015-01-26 23:22 . 2015-01-26 23:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-01-26 23:22 . 2015-01-26 23:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-01-26 22:37 . 2015-01-26 22:37 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9379D31-E40C-438E-8BBC-5B07FDA200B6}\offreg.dll
2015-01-21 17:05 . 2014-12-13 00:11 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-01-21 17:05 . 2014-12-13 00:11 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-01-21 17:04 . 2015-01-21 17:04 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2015-01-21 17:04 . 2014-12-13 00:47 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-01-21 17:03 . 2014-12-13 08:03 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-01-21 16:49 . 2014-12-12 23:11 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2015-01-02 16:32 . 2015-01-02 16:32 -------- d-----w- c:\program files\EA SPORTS
2015-01-01 15:43 . 2015-01-03 21:16 -------- d-----w- c:\program files (x86)\EA SPORTS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-26 01:23 . 2010-07-26 21:31 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-01-26 01:23 . 2010-07-26 19:43 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-01-25 21:31 . 2010-07-26 19:43 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-01-25 21:20 . 2012-10-25 07:50 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-25 21:20 . 2011-05-18 14:49 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-13 10:08 . 2013-12-14 19:08 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-12-13 10:08 . 2013-12-14 19:08 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-12-13 10:08 . 2013-12-14 19:06 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-13 10:08 . 2013-12-14 19:06 2897824 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-12-13 08:03 . 2013-12-14 19:08 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2013-12-14 19:08 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2013-12-14 19:08 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2013-12-14 19:08 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2013-12-14 19:08 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 00:11 . 2013-12-14 19:10 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:11 . 2013-12-14 19:10 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-22 15:41 . 2014-10-25 13:51 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-22 10:46 . 2013-10-30 15:05 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-01 12:28 . 2014-10-25 13:51 83280 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2011-09-16 14:12 . 2014-03-14 17:45 3623592 ----a-w- c:\program files (x86)\Common Files\ApnToolbarInstaller.exe
2011-09-16 14:12 . 2014-03-14 17:45 143240 ----a-w- c:\program files (x86)\Common Files\ApnStub.exe
2010-01-26 09:11 . 2014-03-14 17:49 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files (x86)\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-12-15 7780120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-01 5223016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"jswtrayutil"="c:\program files (x86)\TP-LINK\QSS\jswtrayutil.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Kone"="c:\program files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE"
"hpqSRMon"=c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 cleanhlp;cleanhlp;c:\eek\bin\cleanhlp64.sys;c:\eek\bin\cleanhlp64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys;c:\windows\SYSNATIVE\DRIVERS\jswpslwfx.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 jswpbapi;JumpStart Push-Button Service;c:\program files (x86)\TP-LINK\QSS\jswpbapi.exe;c:\program files (x86)\TP-LINK\QSS\jswpbapi.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys;c:\windows\SYSNATIVE\drivers\Kone.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys;c:\windows\SYSNATIVE\drivers\CM10864.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - SASDIFSV
*NewlyCreated* - SASKUTIL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-24 22:36 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-25 21:20]
.
2015-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02 22:11]
.
2015-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02 22:11]
.
2015-01-26 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 10fb802b-9913-4c0d-9a54-33107ba969e3.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-01-26 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 753a0dfa-182f-4240-9a09-a27f1271da22.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-10-25 13:51 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2009-12-08 8146944]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-{A3456A29-3ECD-106E-1191-6B366BA3503A} - c:\progra~3\INSTAL~2\{0CBEE~1\Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,bd,d4,2b,23,15,aa,35,e3,73,96,e4,12,a7,58,8b,9a,5f,ee,66,13,5c,21,
58,e3,f4,f7,34,58,d2,de,24,a9,54,89,ae,b8,4a,8a,41,ac,af,c2,48,43,56,57,7f,\
"??"=hex:4e,02,df,0a,33,e6,b7,3b,b7,5c,8f,41,3a,52,72,8b
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SecuROM\License information*]
"datasecu"=hex:cc,b1,12,77,3a,0e,5e,95,be,46,ff,dc,9e,dc,c3,c9,a0,e8,f7,0e,9e,
a7,c4,68,02,4f,fa,5d,fd,5f,dc,be,ad,70,86,16,4f,3d,75,f1,fb,92,c4,6d,c8,8b,\
"rkeysecu"=hex:35,1e,83,e7,38,3c,fb,4e,d2,3d,cc,9a,ed,31,5b,f1
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,bd,d4,2b,23,15,aa,35,e3,73,96,e4,12,a7,58,8b,9a,5f,ee,66,13,5c,21,
58,e3,f4,f7,34,58,d2,de,24,a9,54,89,ae,b8,4a,8a,41,ac,af,c2,48,43,56,57,7f,\
"??"=hex:4e,02,df,0a,33,e6,b7,3b,b7,5c,8f,41,3a,52,72,8b
.
[HKEY_USERS\S-1-5-21-2835872318-1652769558-430925286-1000\Software\SecuROM\License information*]
"datasecu"=hex:cc,b1,12,77,3a,0e,5e,95,be,46,ff,dc,9e,dc,c3,c9,a0,e8,f7,0e,9e,
a7,c4,68,02,4f,fa,5d,fd,5f,dc,be,ad,70,86,16,4f,3d,75,f1,fb,92,c4,6d,c8,8b,\
"rkeysecu"=hex:35,1e,83,e7,38,3c,fb,4e,d2,3d,cc,9a,ed,31,5b,f1
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-01-27 01:26:48
ComboFix-quarantined-files.txt 2015-01-27 00:26
.
Pre-Run: 221 303 136 256 bytes free
Post-Run: 221 241 131 008 bytes free
.
- - End Of File - - 3A76B9EBFB3F8E54C98B452980F51E90
A36C5E4F47E84449FF07ED3517B43A31
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7322
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: kontrola logu

#12 Příspěvek od altrok »

juraj228899 píše:myslim že tento OS nie je legalní,daval mi ho tam totiž kamarát. a ohladom ComboFix,spustil som ho sam,nikto mi s tým nepomahal

:arrow: Ja to s jistotou potvrzuji. Za techto okolnosti mi pravidla fora, ktera jsme Vy i ja povinni dodrzovat, nedovoluji pokracovat.
pravidla fora píše:Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

:arrow: A kdyz uz jsme u porusovani pravidel fora, porusil jste dalsi 2 - doporucuju si je precist http://forum.viry.cz/viewtopic.php?f=12&t=5601
pravidla fora píše:3. Zvláště utilitu ComboFix nespouštějte i když Vám ji poradil kamarád či nějaký rádoby odborný web. Naše fórum je jediné z CZ\SK antivirových fór, které má právo luštit logy z ComboFixu a máme též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.

10. Registrováni můžete být pouze jednou (pod jedním nickem). Duplicitní a vícenásobná registrace není přípustná a bude nekompromisně mazána. Soukromé zprávy pro návštěvníky jsou nastaveny pouze na jejich příjem. Je tomu tak proto, že byly v minulosti zneužívány. Pokud máte nějaký naléhavý vzkaz pro některého člena týmu, použijte jeho e-mail, který je zveřejněn vlevo dole pod každým postem.
druhy ucet - http://forum.viry.cz/viewtopic.php?f=13&t=119538
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“