VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu - prilis casto padajici PC do blue screen

https://forum.viry.cz:443/viewtopic.php?t=117684

Stránka 2 z 2

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 27 pro 2011 23:17
od octavia
ComboFix 11-12-27.01 - Owner 27.12.2011 21:25:13.3.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2216 [GMT 1:00]
Spuštěný z: c:\users\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Owner\6924.jpg
c:\users\Owner\AppData\Local\assembly\tmp
c:\users\Owner\AppData\Roaming\5506.69D
c:\users\Owner\AppData\Roaming\vso_ts_preview.xml
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\odbcad32.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-27 do 2011-12-27 )))))))))))))))))))))))))))))))
.
.
2011-12-27 21:06 . 2011-12-27 21:07 -------- d-----w- c:\users\Owner\AppData\Local\temp
2011-12-27 21:06 . 2011-12-27 21:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-12-27 21:06 . 2011-12-27 21:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-27 11:39 . 2011-12-27 11:39 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{653998EE-D87B-40EA-8719-C14671C1B363}\offreg.dll
2011-12-27 11:39 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{653998EE-D87B-40EA-8719-C14671C1B363}\mpengine.dll
2011-12-14 20:38 . 2011-11-04 01:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-14 12:12 . 2011-10-25 16:09 85504 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 12:12 . 2011-11-08 14:58 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 12:12 . 2011-11-08 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-14 12:12 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 12:11 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 12:11 . 2011-11-23 13:57 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 12:11 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-12-14 12:11 . 2011-11-08 12:10 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-12-12 18:32 . 2011-12-12 18:32 -------- d-----w- C:\_OTM
2011-12-12 17:48 . 2010-02-02 13:33 40 ----a-w- C:\james.bat
2011-12-12 17:48 . 2011-12-12 17:54 -------- d---a-w- C:\rafazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-26 20:39 . 2008-10-31 11:30 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-11-28 18:01 . 2011-10-02 11:49 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-10-02 11:49 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-10-02 11:50 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-10-02 11:50 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-10-02 11:51 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-10-02 11:51 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-10-02 11:51 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-10-02 11:50 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-10-02 11:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-27 08:50 . 2011-10-14 19:05 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:58 466944 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll" [2010-02-25 466944]
.
[HKEY_CLASSES_ROOT\clsid\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
[HKEY_CLASSES_ROOT\DocumentExporterIE.DEIE]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DirectConsole2"="c:\program files (x86)\ASUS\Direct Console\Direct Console.exe" [2008-07-25 2701880]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1c9f18fd65a1953;Google Update Service (gupdate1c9f18fd65a1953);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-20 133104]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 AF9035BDA;GIGABYTE U7200 DVB-T Devices;c:\windows\system32\Drivers\AF9035BDA.sys [x]
R3 ce6230;Intel CE6230 Standalone USB Driver;c:\windows\system32\DRIVERS\CE6230StandaloneDriver.sys [2007-05-31 58624]
R3 ce6230BDACAP;Realfine CE6230 BDA Driver;c:\windows\system32\DRIVERS\CE6230BDA.sys [2007-05-31 24960]
R3 DCamUSBSTK02H;STK02H Camera;c:\windows\system32\DRIVERS\STK02HW2.sys [2007-03-21 106496]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-06 1038088]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [x]
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:59 664576 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll" [2010-02-25 664576]
.
[HKEY_CLASSES_ROOT\CLSID\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1_64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - {98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
TCP: DhcpNameServer = 217.117.209.1 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.2&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 62606
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Regedit32 - c:\windows\system32\regedit.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-ICQToolbar - c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files (x86)\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:54,eb,5c,79,f9,2c,c1,88,86,27,22,ff,a6,fb,4a,fe,27,5f,e7,1f,18,37,37,
cb,1f,09,49,2e,85,59,d7,b1,bb,68,84,c4,2a,54,8b,e2,2c,08,51,50,f8,b8,ae,78,\
"??"=hex:ac,19,66,f0,6e,52,7d,ae,72,cb,c2,0b,13,03,0b,9a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-12-27 23:13:57
ComboFix-quarantined-files.txt 2011-12-27 22:13
ComboFix2.txt 2011-08-15 19:18
.
Před spuštěním: 6 156 509 184
Po spuštění: 5 813 764 096
.
- - End Of File - - DF1E72748AAAED211F53A58F5038902A

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 27 pro 2011 23:41
od chodnik74
:arrow: Otevřeme si Poznámkový blok Obrázek
  • (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
  • Vložíme do něj následující script:

    Kód: Vybrat vše

    
KillAll::

File::
C:\james.bat

Driver::
gupdate1c9f18fd65a1953

DDS::
uStart Page = hxxp://start.icq.com/

Firefox::
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.4.2&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 62606
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);

RegLock::
[HKEY_USERS\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeFilterMerit]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Pinyin IME Migration]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Presto! PVR Monitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RCApp]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Pinnacle Streaming Server.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^STK02H 2.0 PNP Monitor.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]

Reboot::
  • Soubor uložíme na Plochu jako CFScript.txt
  • Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme

    Obrázek
  • Poté Combofix provede všechny operace a udělá nový log,který sem vložte
:!: Může se stát,že po aplikaci scriptu nenaběhne Windows běžným způsobem.V tomto případě restartujte počítač a při startu mačkejte F8 a zvolte možnost Poslední známá funkční konfigurace

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 11:33
od octavia
Pred vykonanim kontroly se ComboFix aktualizoval, tak snad probehlo vse korektne

ComboFix 11-12-28.02 - Owner 28.12.2011 10:37:10.4.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2098 [GMT 1:00]
Spuštěný z: c:\users\Owner\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Owner\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"C:\james.bat"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\james.bat
c:\windows\system32\slwga.dll . . . . nemohl být smazán
c:\windows\system32\srrstr.dll . . . . nemohl být smazán
c:\windows\system32\systemcpl.dll . . . . nemohl být smazán
c:\windows\system32\termsrv.dll . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate1c9f18fd65a1953
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-28 do 2011-12-28 )))))))))))))))))))))))))))))))
.
.
2011-12-28 10:08 . 2011-12-28 10:08 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{653998EE-D87B-40EA-8719-C14671C1B363}\offreg.dll
2011-12-28 10:04 . 2011-12-28 10:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-12-28 10:04 . 2011-12-28 10:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-27 22:15 . 2011-12-28 10:12 -------- d-----w- c:\users\Owner\AppData\Local\temp
2011-12-27 11:39 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{653998EE-D87B-40EA-8719-C14671C1B363}\mpengine.dll
2011-12-14 20:38 . 2011-11-04 01:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-14 12:12 . 2011-10-25 16:09 85504 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 12:12 . 2011-11-08 14:58 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 12:12 . 2011-11-08 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-14 12:12 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 12:11 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 12:11 . 2011-11-23 13:57 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 12:11 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-12-14 12:11 . 2011-11-08 12:10 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-12-12 18:32 . 2011-12-12 18:32 -------- d-----w- C:\_OTM
2011-12-12 17:48 . 2011-12-12 17:54 -------- d---a-w- C:\rafazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-28 10:08 . 2008-10-31 11:30 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-11-28 18:01 . 2011-10-02 11:49 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-10-02 11:49 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-10-02 11:50 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-10-02 11:50 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-10-02 11:51 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-10-02 11:51 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-10-02 11:51 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-10-02 11:50 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-10-02 11:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-27 08:50 . 2011-10-14 19:05 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-27_21.09.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 03:20 . 2011-12-28 10:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-01-21 03:20 . 2011-12-27 17:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-12 19:10 . 2011-12-28 10:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-12-12 19:10 . 2011-12-27 17:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-21 03:20 . 2011-12-28 10:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-01-21 03:20 . 2011-12-27 17:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 02:23 . 2011-12-28 09:09 78370 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-10-31 11:32 . 2011-12-27 11:31 21890 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3470727687-1027406370-3241345228-1000_UserData.bin
+ 2008-10-31 11:32 . 2011-12-28 10:10 21890 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3470727687-1027406370-3241345228-1000_UserData.bin
+ 2010-08-11 04:36 . 2011-12-28 09:15 24250 c:\windows\system32\perfc005.dat
- 2010-08-11 04:36 . 2011-12-27 11:39 24250 c:\windows\system32\perfc005.dat
- 2011-12-27 11:27 . 2011-12-27 11:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-28 10:08 . 2011-12-28 10:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-27 11:27 . 2011-12-27 11:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-28 10:08 . 2011-12-28 10:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 15:45 . 2011-12-28 10:10 284974 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2006-11-02 12:46 . 2011-12-27 11:39 595996 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2011-12-28 09:15 595996 c:\windows\system32\perfh009.dat
- 2010-08-11 04:36 . 2011-12-27 11:39 111924 c:\windows\system32\perfh005.dat
+ 2010-08-11 04:36 . 2011-12-28 09:15 111924 c:\windows\system32\perfh005.dat
- 2006-11-02 12:46 . 2011-12-27 11:39 104070 c:\windows\system32\perfc009.dat
+ 2006-11-02 12:46 . 2011-12-28 09:15 104070 c:\windows\system32\perfc009.dat
- 2011-02-10 22:35 . 2011-12-26 22:36 545204 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-10 22:35 . 2011-12-28 10:06 545204 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-03-26 23:47 . 2011-12-28 10:06 29431896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3470727687-1027406370-3241345228-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:58 466944 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll" [2010-02-25 466944]
.
[HKEY_CLASSES_ROOT\clsid\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
[HKEY_CLASSES_ROOT\DocumentExporterIE.DEIE]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DirectConsole2"="c:\program files (x86)\ASUS\Direct Console\Direct Console.exe" [2008-07-25 2701880]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 AF9035BDA;GIGABYTE U7200 DVB-T Devices;c:\windows\system32\Drivers\AF9035BDA.sys [x]
R3 ce6230;Intel CE6230 Standalone USB Driver;c:\windows\system32\DRIVERS\CE6230StandaloneDriver.sys [2007-05-31 58624]
R3 ce6230BDACAP;Realfine CE6230 BDA Driver;c:\windows\system32\DRIVERS\CE6230BDA.sys [2007-05-31 24960]
R3 DCamUSBSTK02H;STK02H Camera;c:\windows\system32\DRIVERS\STK02HW2.sys [2007-03-21 106496]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-06 1038088]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [x]
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:59 664576 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll" [2010-02-25 664576]
.
[HKEY_CLASSES_ROOT\CLSID\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1_64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - {98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
TCP: DhcpNameServer = 217.117.209.1 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-ICQToolbar - c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files (x86)\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:54,eb,5c,79,f9,2c,c1,88,86,27,22,ff,a6,fb,4a,fe,27,5f,e7,1f,18,37,37,
cb,1f,09,49,2e,85,59,d7,b1,bb,68,84,c4,2a,54,8b,e2,2c,08,51,50,f8,b8,ae,78,\
"??"=hex:ac,19,66,f0,6e,52,7d,ae,72,cb,c2,0b,13,03,0b,9a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Applications\dreamweaver.exe\shell\Open]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{84d4e968-0688-4b4d-9659-fb4c4e611232}\Implemented Categories\{71B2D918-2983-47B3-8337-9BEA15F184DA}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Edit]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Open]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Photoshop.Image.10\protocol\StdFileEditing\server]
@DACL=(02 0000)
@="c:\\Program Files (x86)\\Adobe\\Adobe Photoshop CS3\\Photoshop.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Photoshop.Image.11\protocol\StdFileEditing\server]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Adobe Photoshop CS4 (64 Bit)\\Photoshop.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{004BB91A-98DA-406F-BBBF-7A9F122A3AC2}\1.0\0\win32]
@DACL=(02 0000)
@="c:\\Program Files (x86)\\Common Files\\Adobe\\Linguistics\\Providers\\Plugins\\WRLiloPlugin1.0\\WRLiloPlugin.dll"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\Canon\CAL\CALMAIN.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Celkový čas: 2011-12-28 11:30:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-28 10:30
ComboFix2.txt 2011-12-27 22:14
ComboFix3.txt 2011-08-15 19:18
.
Před spuštěním: 6 031 134 720
Po spuštění: 6 573 645 824
.
- - End Of File - - 3B3E1E85A95156746289EE37CC38EED8

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 11:50
od chodnik74
:arrow: Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění a zkopírujte a vložte sem následujíci text: Combofix /Uninstall a dejte enter

:arrow: ObrázekT-Cleaner
  • Spustíme,zmáčkneme klávesu A a potvrdíme ENTER(některé antiviry mohou detekovat utilitu jako vir-jedá se o falešný poplach,proto IGNOROVAT nebo dočasně vypnout antivir )
  • po použití T-Cleaner smažte ;-)

:arrow: Stáhneme si na Plochu program OTLObrázek
  • Spustíme soubor OTL.exe (pokud máte Windows Vista nebo Windows 7,tak na soubor klikněte pravým
    tlačítkem myši a dejte ,,Spustit jako správce,,)
  • Pokud používáte 64 bitový systém,zaškrkněte volbu Pro 64 bitové OS,pokud ne,tak by měla být
    nezaškrknutá
  • Zaškrkněte okýnko Pro všechny uživatele,Kontrola havět "LOP",Kontrola havět "Purity"
  • Staří souborů změňte z 30 dnů na 7 dnů
  • Do spodního okýnka Vlastní skenování/opravy vložte následující script:

    Kód: Vybrat vše

    netsvcs
safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
*crack* /s
*keygen* /s
*nocd* /s
*nodvd* /s
*AutoKMS* /s
*AutoRearm* /s
*Loader* /s
*w7lxe* /s
*Legalizator* /s
*GenuineXP* /s
*minodlogin* /s
serial.txt /s
%APPDATA%\*.*
%APPDATA%\*.exe /s

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s


%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSucces
sTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Klikněte na tlačítko Prohledat
  • Po dokončení skenu,který trvá mezi 5-15 minuty se vám zobrazý dva logy OTL.txt a Extras.txt a ty
    mě sem vložte

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 13:58
od octavia
OTL Extras logfile created on: 28.12.2011 12:20:48 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 46,37% Memory free
8,17 Gb Paging File | 5,88 Gb Available in Paging File | 71,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 6,21 Gb Free Space | 4,17% Space Free | Partition Type: NTFS
Drive D: | 138,30 Gb Total Space | 11,06 Gb Free Space | 8,00% Space Free | Partition Type: NTFS
Drive H: | 3,69 Gb Total Space | 0,01 Gb Free Space | 0,30% Space Free | Partition Type: FAT32

Computer Name: LUB-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.reg [@ = regfile] -- C:\Windows\regedit.exe ()

[HKEY_USERS\S-1-5-21-3470727687-1027406370-3241345228-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = D5 C2 68 7F 3A 46 CB 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AE613F5-F8BD-4B83-85BE-12B4DAC7F77E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{18ED01AE-E3EB-4A9C-AFB3-5F0C7D707B4A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2498F7FD-7A78-428E-9C7C-2691B4593BA3}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{24EB8CB2-60B5-43EA-8991-DF477997B917}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{26BB608A-A24E-45A3-91A3-9AA9F1DD895C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{27A0EC96-335E-490B-93D4-BC0C7E718859}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3661BDB1-E119-4192-8BE9-922FA52E0703}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{3C18DFF7-32FF-4193-8CFF-222AABBBAAFA}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5456D17D-3FFD-4958-B68F-32FFFA8B47CF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{555686F9-4B18-41BF-B352-41B677BE18C7}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{6C97AB74-8627-48FF-93E6-63A026502FB5}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{74FD4CA5-FC16-423D-933A-5E5351327FF9}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{814CA043-905B-4331-B316-655A233C2B71}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{86E55F0D-7776-40E6-925E-A4CB23371859}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8B5192E1-57C1-4D9D-918A-8CA3FC8E1A08}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8BC17E78-A786-4C79-86D8-1776564E2392}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DD48722-A947-4C7A-9078-F927CEB48D9F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9658ADB2-018C-44C3-81CE-1E5DDD686F9E}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{A4DA0E34-46CD-4FC4-9CD4-8C13ACB8FF67}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AAB145E8-BB3F-4521-B783-1ACCE9C0C578}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{AFD7A3DD-E2C2-4EC0-AA69-55A0A84FF17C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C71CD8A7-7033-47DB-9ADE-127338F54680}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{CBB71729-6FAC-4D09-AC47-B65D29F38F7D}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{CC1667F6-1DFF-425A-9F1F-88BF8B97B3BE}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{D8DFD241-819D-463D-9F30-75524CD6CA15}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EBB782E5-E6E5-4BB7-AF46-56B460B61E3C}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F4101AEE-C195-488E-A119-CAC2540BD3FB}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{FB65B0CA-1D23-4660-B0B2-82B14B9C65B8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FF8DEA19-58CA-419E-8B4B-8F252192DF89}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0047B0A2-C18F-4780-AA77-4D4EEEB36F41}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{024388B5-E6D9-4341-8488-F8C00EFADA6A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{02668E16-22E5-472E-AF2A-8D0B6AD58FB1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{03276C82-5783-48F3-ABEE-4F2C78D6E27E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{06880E8D-D73A-4D82-A8BD-ABD2F0FF2140}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{068AB69A-F5D2-4047-B46D-CDA369F56118}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0A76CAE3-976C-44AA-B06C-ED42C18E11E6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0B37CFB3-DDA4-44D5-BF6D-DBF4216ADA6A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0CB8025F-2ACC-4E0A-9C84-1994016AB2DA}" = protocol=17 | dir=in | app=c:\program files (x86)\vugames\swat 4\contentexpansion\system\swat4xdedicatedserver.exe |
"{0D9EA7CB-7283-4DB9-B0F9-3EEA05613D89}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{127A43BA-8ECE-4DCD-8959-CB982955EB51}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{1784EDB1-10CB-4D51-8C56-94689F800195}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{19C37476-049C-4FC3-A23C-173D589FA4F8}" = protocol=17 | dir=in | app=c:\program files (x86)\scala\infochannel designer 5\icdesigner.exe |
"{1BBDB897-D97A-4EF1-AC2C-FDB41902585B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1C931181-B5A4-4974-9433-D05572145F9A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1EC65F53-1F8E-4A64-A4ED-4819BE2D5876}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1F4286A9-842A-4A04-BD10-A526FDD5DE5D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{2341BB6D-F7EE-410F-9FC4-39D749597B1E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{24DAEB06-5D36-4A96-B5FC-149C4DF8891C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{273B6288-FF28-4A48-8C97-DD58B102E8AE}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{2A741CD9-86F4-4709-A08C-8349CF9CD5D4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2B1BAD98-97C2-4291-8E14-C686F4104BF8}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2D6C3038-79C7-4CEF-8CAA-0D8327E805BC}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{31D1518E-B877-48FB-975F-D31B9EFFAEA4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{364A5509-8F86-4BA3-83E0-AFF278B7DF23}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{391A1351-3FD2-4644-8765-5CBF6E5E1FDA}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3AE94F54-7567-46F6-9116-4DBB56C0E50A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3DA9554D-DDF0-4F77-8AC9-FBED7C517583}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{3E3100F7-C403-4CDD-B9A5-91D009DBC0EF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{3E7D8C69-F9F0-4301-AA83-0AC17BAD8A41}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{41CF0E39-D59E-4192-B498-3E29D7EB1F4C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{429A335C-AF79-4305-AE68-7C6444451F67}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{431F5843-EF15-4772-8462-24200DBC72E6}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{4333BDE5-1EAA-4CBD-BB7C-BB83E3C1A6F2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{443B9CBB-4D0C-4982-BB46-807904919562}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4824EA06-F29B-4A40-8C0E-67151BA1AB52}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4B860C2B-1096-47AE-AF9F-CA5BE63FD413}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4C1742F1-15E4-4798-AD62-717F076F1732}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5237409A-5BFE-4EF3-9F71-61FB62AC25F6}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{542D6744-BE83-44E1-891A-2FB978C28010}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{56F2A567-88BC-4AF4-BE7D-6AE6468FC762}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5A7AB381-A2BE-4A84-8FB4-5330065BDFA3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5AB36ABA-A454-46D4-86D6-FD4883CCF242}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5DD632C4-10D7-4152-B894-6D308C2688D1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5E418E36-35DC-4FBF-9DC2-E2877564DE04}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{62A8E420-AB17-4D50-9DA2-8BA590DCB82E}" = protocol=6 | dir=in | app=c:\program files (x86)\vugames\swat 4\contentexpansion\system\swat4x.exe |
"{66C2459D-BF10-46D4-8CE8-C7D9E6D82D4E}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{686801B7-7131-4B00-8221-DEE32EA9660D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6BA3933D-8C08-47B1-A6C8-5B6DFB5D95D1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{70738507-6208-4991-87E8-AC994CBB0476}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{77A0EE93-EF64-4219-813B-BE3A13087E09}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7B319710-8FC8-4391-8550-C8B562BACCC0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7B5F198E-7717-4A38-9D02-34F1D064442C}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{7E364048-5FAE-44EB-A88B-FB7FEB677D8D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7EA19ADB-6809-4381-9050-D9EB51AE112B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8189755A-2D35-40CA-8A44-E5C2A2C7079C}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{88318424-0C67-4B44-89DB-330CC1E0C87C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8AAEFC27-E78F-44E5-840E-C4DA3BFF3D49}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8F6CAA26-0190-4A4F-AE25-4263BA2CD4B3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{90A8CDDC-6E2B-4AE6-B36D-2DDEDCD80465}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9206A46E-1D67-406B-BA50-AF893C109984}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{925B0E9E-BD5E-40BB-92C8-941A6C896EFF}" = protocol=17 | dir=in | app=c:\program files (x86)\vugames\swat 4\contentexpansion\system\swat4x.exe |
"{95977588-222E-411D-BFF3-CF072FA8BF40}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{9603D2F1-5D32-43A0-A34A-B034B48CEE79}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{98559EC8-8568-4E21-9E90-DF8BB3012F17}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9886F507-B9BC-4631-BD2C-D792DB1B882A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9D2A84F6-1F5D-496E-BEF9-B9D8637C1C43}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A0F9BF99-B1F1-48E9-ADDD-9D14BE21147C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A1CB5926-DCF9-489F-BF72-42999FC79E2F}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{A9069045-F2BF-4816-96CB-843DFD7BE4F2}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{AD7A82DC-CECE-4E32-ACE9-E30E4267828D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B2AFC981-AB77-41D7-846A-B696AD8A27DC}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B37CD1C7-318A-43BC-8D2C-2F8A647E5E1F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B4D2FD36-6839-493E-8470-BF9702FE18EF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B64DCF96-00EE-4AEF-ADB1-B482FB9B9F7C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{B69FC573-60E7-4ABB-B47E-EF7E3208A43A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B7617F44-1D5A-42DD-8081-2A77400D3EA5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B94DC7A0-A9C5-4247-8141-EBD8D6B75F4C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BA05B64A-B969-4B2E-8CF2-AE5EB98EA5B8}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BB8B26B9-93AF-46FB-8E74-91BAB526C0FB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BFF2EBCA-0A5E-422A-81D5-E44EA39692DF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C5929780-9B6F-41E9-941D-836D2A7B38CC}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C66EF462-92CB-4D0C-A085-0A65B1F8308E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C95EAF07-0354-4425-9CB5-59A32A0FC254}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CDE8366E-D5F3-4061-93A7-DFE3FEF20168}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CEE2E02C-68A4-4ABA-9C2E-697541867AFD}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D6517706-97EF-4576-B6CB-9C6460F3C099}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D8BFAD29-49F6-4A6D-B087-D4C4EF5DAFF5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DB5DE69F-A0D7-4903-BFF4-974EA48C4A97}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DC651089-1BC4-45B4-A175-412B9A4138A6}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{DF4C65E2-21A8-49DA-B11B-60D6890E7CD0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E88EE81B-B317-42EE-A4CF-9C9BC2947632}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E946225B-4132-49D5-9E69-7EDFC1FF1C3C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EB91954E-1616-4A50-9C05-806C20248A9A}" = protocol=6 | dir=in | app=c:\program files (x86)\vugames\swat 4\contentexpansion\system\swat4xdedicatedserver.exe |
"{EE28E315-532C-40F4-BFE2-BFA150FF19FE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{EF156ACD-B3D4-4CA6-8B06-AB7A2569D65F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F01C5BEE-F705-4918-B642-F7CD9B926486}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F1C357A9-68DE-426B-AB51-A84F56BF2EB8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F4FC044C-9E99-46D2-B0B9-01077C5C931B}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{F6E73101-448A-49AE-B640-20D8FEA78467}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F80E00DD-10CC-4FFD-88D4-428805F8E435}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FB45BF85-E6D2-4AB1-85FA-31B44BB85AA8}" = protocol=6 | dir=in | app=c:\program files (x86)\scala\infochannel designer 5\icdesigner.exe |
"{FFD95B58-1E5D-4B9F-A042-5EB9848C6AE2}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FFECB0E6-6F73-4387-98BD-B09FF32F243D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{6F580C26-592B-487D-A069-9FF9B5D981F2}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe |
"TCP Query User{D91D3493-EEFB-412F-8EA7-13706670AF21}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{50563B7E-8B7C-4CC9-83BF-FE68031D8247}C:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\shared files\programs\strmserver\strmserver.exe |
"UDP Query User{5A723C38-4A75-499F-9A95-E7A9B89526E5}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear eXtreme
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Ovladače videa společnosti Pinnacle
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-0804-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DD57342D-62B2-4D22-90FB-0BE732962410}" = Vegas Pro 9.0 (64-bit)
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinImage" = WinImage
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}" = CGS15_IPM_T2
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1BC4026B-1957-4514-9058-2B542557F143}" = Opera 9.63
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{239BB983-8A2D-4974-B780-2ADAE32752D5}" = Windows Live installer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 22
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{300B9E83-E406-4DF7-8A21-E8A90E4F8B91}_is1" = Convert DVD to AVI 1.1
"{31FD042B-1898-45AC-845A-00CCE3BC7587}_is1" = ALO Audio CD Ripper 3.0
"{3315B802-84C6-47BC-907A-9B77A4646197}_is1" = SWF to AVI 1.6
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D6CE6CE-E1C1-47C9-A734-78C53EBA5255}" = Xara Web Designer 6
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}" = SD Formatter
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{463B1489-1377-4B2A-A718-B1E3E4D4B836}" = UAZ Racing 4x4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE6B4E0-770F-416B-BB9A-65116871D165}" = GIGABYTE U7200 TV Card Driver
"{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1" = Sothink Movie DVD Maker
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}" = HP Precisionscan Pro 3.1
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.2.0.52
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}" = Pinnacle DistanTV Server
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F0DAC46-6D6E-490D-B80F-FF665891EAB9}" = Constantine
"{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0901)
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0404-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007
"{90120000-0015-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0804-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Simplified)) 2007
"{90120000-0015-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0804-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Simplified)) 2007
"{90120000-0016-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0804-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
"{90120000-0018-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0404-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
"{90120000-0019-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0804-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
"{90120000-0019-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0404-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
"{90120000-001A-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0804-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
"{90120000-001A-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0804-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Simplified)) 2007
"{90120000-001B-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_PROHYBRIDR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_PROHYBRIDR_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_PROHYBRIDR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0804-0000-0000000FF1CE}_PROHYBRIDR_{82E853AD-6911-4EA9-9EB0-2F9BE7747878}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_PROHYBRIDR_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-1000-0000000FF1CE}_PROHYBRIDR_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}_PROHYBRIDR_{4029CB10-E410-41AD-BB3F-052C95243407}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-1000-0000000FF1CE}_PROHYBRIDR_{B45C4BDA-CDBB-4D65-8970-6ABB35BE81B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0404-1000-0000000FF1CE}_PROHYBRIDR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040C-1000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0804-1000-0000000FF1CE}_PROHYBRIDR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0C0A-1000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0804-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Simplified)) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0404-0000-0000000FF1CE}_PROHYBRIDR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0804-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Simplified)) 2007
"{90120000-006E-0804-0000-0000000FF1CE}_PROHYBRIDR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{95264530-5A22-8E7E-FE9D-D63A927BCAEA}" = Adobe Media Player
"{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = Installer
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A824ED3-387B-44ED-90CA-B58D5B8171AB}" = Gigabyte USB TV Card TV Card Remote Control Device
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9F53AAB3-B989-4731-8635-C8F4F1050A8C}" = Adobe Setup
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1" = Convert MOV to AVI 1.0
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AFC02C27-473F-4EC5-9372-30771EFFB35F}" = VC80_CRT_x86
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}" = Presto! PVR
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{c1eb75bf-a785-4569-ad7f-e9462f3cdb69}" = Nero 9 Trial
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C61177FD-37C4-4C5F-BE6C-E04A8AC399B6}" = EclipseCrossword
"{C6C841AC-FAFB-4624-89B8-E3272E0022B3}" = Document Exporter for Internet Explorer
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D48E5272-5DE8-4BA9-9EBB-EECE26D3CDC9}" = NewSoft MCE Codec
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA403202-E59F-4F34-9B48-B3147CCC62B1}" = Direct Console 2.0
"{DA48EC21-CC7C-4808-A6B9-2BE06044D2FA}" = STK02H 2.0
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED95B55C-4759-4242-85DE-EAD1DA7AB090}" = Adobe Dreamweaver CS3
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Adobe_f5bcf5cb0764c8ca8bbd659a1bf2b83" = Adobe Dreamweaver CS3
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Any Video Converter_is1" = Any Video Converter 3.0.1
"AnyDVD" = AnyDVD
"AV Bros. Puzzle Pro 2.2 DEMO" = AV Bros. Puzzle Pro 2.2 DEMO (Remove Only)
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CSCLIB" = Canon Camera Support Core Library
"Debut" = Debut
"DPP" = Canon Utilities Digital Photo Professional 3.4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"FileZilla Client" = FileZilla Client 3.2.4.1
"Flash Decompiler Trillix_is1" = Flash Decompiler Trillix
"FLV to MP3_is1" = FLV to MP3 v1.00
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.1
"FreeDVDRipper" = FreeDVDRipper 2.1
"GameSpy Arcade" = GameSpy Arcade
"Gold Wave Editor_is1" = Gold Wave Editor v10.2.2
"HaaliMkx" = Haali Media Splitter
"Hdd Speed Test Tool_is1" = Hdd Speed Test Tool v. 1.0.14 (RC 1)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ICQToolbar" = ICQ Toolbar
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{7F0DAC46-6D6E-490D-B80F-FF665891EAB9}" = Constantine
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = SWAT 4 - The Stetchkov Syndicate
"Jalbum_0" = Jalbum 8.1
"Jalbum_1" = Jalbum 8.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.5 (Full)
"Kubik SMS DreamCom_is1" = Kubik SMS DreamCom 5.89
"MAGIX_MSI_Xara_Web_Designer_6" = Xara Web Designer 6
"MAPFACTOR_SETUP_UTILITY_is1" = Setup Utility
"MediaCoder" = MediaCoder 0.7.1.4486
"MOTORM4X" = MOTORM4X
"Movier" = Movier 1.0.17
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"NewBlue 3D Explosions for Vegas" = NewBlue 3D Explosions for Vegas
"NewBlue 3D Transformations for Vegas" = NewBlue 3D Transformations for Vegas
"NewBlue Art Blends 2.0 for Vegas" = NewBlue Art Blends 2.0 for Vegas
"NewBlue Art Effects 2.0 for Vegas" = NewBlue Art Effects 2.0 for Vegas
"NewBlue Film Effects for Vegas" = NewBlue Film Effects for Vegas
"NewBlue Motion Blends 2.0 for Vegas" = NewBlue Motion Blends 2.0 for Vegas
"NewBlue Motion Effects 2.0 for Vegas" = NewBlue Motion Effects 2.0 for Vegas
"Nokia PC Suite" = Nokia PC Suite
"Nvu" = Nvu 1.0
"OpenAL" = OpenAL
"Orion 2009 spořič obrazovky_is1" = Orion 2009 spořič obrazovky
"Osmisměrky - ITPro CZ_is1" = Osmisměrky 1.14
"PCNavigator8_is1" = PC Navigator 8 8.0.36-1
"Photo Collage Creator_is1" = Photo Collage Creator 3.27
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"ProgDVB" = ProgDVB
"PROHYBRIDR" = 2007 Microsoft Office system
"PSPad editor_is1" = PSPad editor
"Qip Infium packverze: 9020 RC3 s IRC protokolem" = Qip Infium pack verze: 9020 RC3 s IRC protokolem
"RajcePhotoDownloader_is1" = RajcePhotoDownloader
"rajče.net_is1" = rajče beta53
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RBRPribram1" = RBR Pribram (remove only)
"RBRPribram2" = RBR Pribram 2 (remove only)
"RBRReversedTracks" = RBR Reversed Tracks (remove only)
"RBRSosnova" = RBR Sosnova (remove only)
"RBRTM" = RBR Tournament plugin (remove only)
"RealFlightG4Pro" = RealFlight G4 R/C Simulator
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Revo Uninstaller" = Revo Uninstaller 1.91
"Rigs of Rods" = Rigs of Rods 0.36.2
"Rossmann Foto-Shop Client" = Rossmann Foto-Shop Client 4.2
"TeamViewer 6" = TeamViewer 6
"The Logo Creator v4" = The Logo Creator v4
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Totalcmd" = Total Commander (Remove or Repair)
"VobSub" = VobSub v2.23 (Remove Only)
"WebShot_is1" = WebShot
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3470727687-1027406370-3241345228-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Quick AVI Creator" = Quick AVI Creator

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.12.2011 7:37:43 | Computer Name = LUB-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 27.12.2011 7:37:49 | Computer Name = LUB-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 27.12.2011 7:39:21 | Computer Name = LUB-PC | Source = Perflib | ID = 1023
Description =

Error - 27.12.2011 7:39:24 | Computer Name = LUB-PC | Source = Perflib | ID = 1023
Description =

Error - 27.12.2011 7:39:28 | Computer Name = LUB-PC | Source = Perflib | ID = 1023
Description =

Error - 27.12.2011 7:39:31 | Computer Name = LUB-PC | Source = Perflib | ID = 1008
Description =

Error - 27.12.2011 7:39:31 | Computer Name = LUB-PC | Source = Perflib | ID = 1023
Description =

Error - 27.12.2011 16:17:52 | Computer Name = LUB-PC | Source = Perflib | ID = 1010
Description =

Error - 28.12.2011 5:09:52 | Computer Name = LUB-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error - 28.12.2011 5:09:52 | Computer Name = LUB-PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

[ Media Center Events ]
Error - 25.12.2008 14:17:09 | Computer Name = Owner-PC | Source = ehRecvr | ID = 4
Description =

Error - 26.12.2008 21:36:07 | Computer Name = LUB-PC | Source = ehRecvr | ID = 4
Description =

Error - 9.6.2009 17:05:11 | Computer Name = LUB-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Stahování balíčku SportsSchedule
se nezdařilo.

Error - 11.7.2009 3:31:52 | Computer Name = LUB-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Stahování balíčku SportsSchedule
se nezdařilo.

Error - 31.12.2009 4:49:37 | Computer Name = LUB-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Stahování balíčku SportsSchedule
se nezdařilo.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 14:01
od octavia
OTL se nevejde do jednoho prispevku kvuli omezeni poctu znaku
OTL 1/2

OTL logfile created on: 28.12.2011 12:20:48 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 46,37% Memory free
8,17 Gb Paging File | 5,88 Gb Available in Paging File | 71,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 6,21 Gb Free Space | 4,17% Space Free | Partition Type: NTFS
Drive D: | 138,30 Gb Total Space | 11,06 Gb Free Space | 8,00% Space Free | Partition Type: NTFS
Drive H: | 3,69 Gb Total Space | 0,01 Gb Free Space | 0,30% Space Free | Partition Type: FAT32

Computer Name: LUB-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011.12.28 12:17:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.09 12:25:52 | 000,399,512 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2011.11.03 19:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.09.30 19:26:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.08.24 10:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.07.24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008.08.09 05:00:40 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2008.06.24 04:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008.06.18 06:10:34 | 000,424,504 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2008.06.18 06:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.01.23 18:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2007.11.28 23:26:00 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.15 19:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2005.09.30 18:22:50 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
PRC - [2001.07.03 09:17:04 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.27 09:50:14 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.09 12:25:56 | 001,988,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2011.11.09 12:25:56 | 000,161,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2011.11.09 12:25:56 | 000,021,656 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2011.09.30 19:26:50 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
MOD - [2001.07.03 09:17:06 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
MOD - [2001.07.03 09:17:04 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.03.06 10:30:48 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2008.01.21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV:64bit: - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV:64bit: - [2007.03.11 13:15:28 | 000,535,807 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV - [2011.11.03 19:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.06 10:30:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.15 21:56:51 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2010.08.24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.07.24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.11 10:01:33 | 000,183,112 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2005.09.30 18:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2010.06.21 23:07:36 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.01.27 20:47:21 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009.04.11 06:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.04.11 06:34:05 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbccid.sys -- (USBCCID)
DRV:64bit: - [2009.04.11 06:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.02.22 10:05:01 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008.12.01 17:52:15 | 000,119,744 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.08.06 08:26:08 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008.07.21 13:11:56 | 000,032,200 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008.06.25 23:40:19 | 004,735,488 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008.06.13 11:03:12 | 000,663,040 | ---- | M] (DiBcom) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dvb7700all.sys -- (mod7700)
DRV:64bit: - [2008.06.03 07:41:49 | 000,017,464 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008.05.29 18:21:00 | 000,016,440 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\lullaby.sys -- (lullaby)
DRV:64bit: - [2008.05.29 14:44:40 | 000,270,080 | ---- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AF9035BDA.sys -- (AF9035BDA)
DRV:64bit: - [2008.05.07 10:40:37 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008.04.01 10:59:19 | 001,878,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2008.02.16 02:27:18 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008.01.21 03:47:28 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\avc.sys -- (Avc)
DRV:64bit: - [2008.01.21 03:46:59 | 000,054,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2008.01.21 03:46:57 | 000,058,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\61883.sys -- (61883)
DRV:64bit: - [2008.01.21 03:46:53 | 000,061,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\msdv.sys -- (MSDV)
DRV:64bit: - [2007.12.19 01:57:12 | 000,059,392 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2007.12.06 11:12:55 | 000,320,048 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007.08.11 04:19:44 | 000,034,872 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2007.08.03 05:26:47 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV:64bit: - [2007.07.28 03:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007.07.27 04:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007.07.24 19:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007.05.31 02:27:12 | 000,024,960 | ---- | M] (Intel Corporation (UK)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CE6230BDA.sys -- (ce6230BDACAP)
DRV:64bit: - [2007.05.31 02:18:38 | 000,058,624 | ---- | M] (Intel Corporation (UK)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CE6230StandaloneDriver.sys -- (ce6230)
DRV:64bit: - [2007.03.21 17:37:46 | 000,106,496 | ---- | M] (Syntek Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\STK02HW2.sys -- (DCamUSBSTK02H)
DRV:64bit: - [2007.03.12 19:49:18 | 000,120,320 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2007.03.06 20:46:44 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV:64bit: - [2007.02.20 17:29:30 | 000,065,408 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.12.20 19:59:02 | 000,140,160 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\adusbser.sys -- (adusbser)
DRV:64bit: - [2006.10.27 14:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\MarvinBus64.sys -- (MarvinBus)
DRV - [2008.12.27 15:05:26 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008.12.01 17:52:15 | 000,119,744 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2007.04.27 16:13:34 | 000,044,800 | ---- | M] (Intel Corporation (UK)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\CE6230StandaloneDriver.sys -- (ce6230)
DRV - [2007.04.27 10:29:10 | 000,019,328 | ---- | M] (Intel Corporation (UK)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\CE6230BDA.sys -- (ce6230BDACAP)
DRV - [2007.03.21 17:37:28 | 000,101,520 | ---- | M] (Syntek Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\STK02HW2.sys -- (DCamUSBSTK02H)
DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Owner\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Owner\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.10.13 19:13:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.10 20:32:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.30 19:26:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.26 09:15:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.08.19 22:26:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.01.24 19:21:21 | 000,000,000 | ---D | M]

[2010.09.09 20:12:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2010.09.09 20:12:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.07.13 18:54:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2009.10.05 15:38:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2010.03.17 23:23:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2011.12.24 22:09:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\extensions
[2010.08.16 07:11:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.20 06:24:25 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.24 22:09:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.10.20 20:40:17 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.10.16 17:33:07 | 000,000,000 | ---D | M] (České slovníky pro kontrolu pravopisu) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\extensions\cs@dictionaries.addons.mozilla.org
[2011.03.26 09:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.01.29 16:54:21 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.13 13:39:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.13 19:19:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.21 21:36:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.26 09:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2011.03.26 09:15:09 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.09.30 19:26:52 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.30 19:26:47 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.30 19:26:47 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.30 19:26:47 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.30 19:26:47 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.30 19:26:47 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: ICQ Search ()
CHR - default_search_provider: search_url = http://search.icq.com/search/results.ph ... cid=chrome
CHR - default_search_provider: suggest_url =
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289\

O1 HOSTS File: ([2011.12.28 11:11:15 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (DocumentExporterIE) - {e88d1d51-70d0-4a24-b58c-b509d39fdbb9} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (DocumentExporterIE) - {e88d1d51-70d0-4a24-b58c-b509d39fdbb9} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Document Exporter) - {da153d37-a57e-4f22-a649-6aeef4a10c28} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Document Exporter) - {da153d37-a57e-4f22-a649-6aeef4a10c28} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll ()
O3:64bit: - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe (ASUSTek.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9:64bit: - Extra 'Tools' menuitem : Document Exporter Settings - {22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js ()
O9:64bit: - Extra Button: Document Exporter Settings - {98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll ()
O9 - Extra 'Tools' menuitem : Document Exporter Settings - {22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Document Exporter Settings - {98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll ()
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.117.209.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47A78065-8EF5-437E-AFBC-6E04A9897010}: DhcpNameServer = 217.117.209.1 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Pictures\Tapety\Gabinka 2.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Pictures\Tapety\Gabinka 2.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\SysWow64\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.mjpg - C:\Windows\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.12.28 12:17:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011.12.28 11:31:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\temp
[2011.12.28 11:11:23 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.12.27 21:22:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.12.27 21:22:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.12.27 21:22:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.12.27 21:22:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.25 10:32:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Gábinka
[2010.01.27 20:47:21 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Owner\AppData\Roaming\pcouffin.sys
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.12.28 12:29:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.28 12:17:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011.12.28 11:27:00 | 000,823,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.28 11:27:00 | 000,595,996 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.28 11:27:00 | 000,111,924 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.12.28 11:27:00 | 000,104,070 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.28 11:27:00 | 000,024,250 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.12.28 11:11:34 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.12.28 11:11:34 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.12.28 11:11:15 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.12.28 11:08:44 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011.12.28 11:08:23 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 11:08:22 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 11:08:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.28 11:08:14 | 4294,037,504 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.28 11:06:46 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.12.26 12:42:13 | 000,182,272 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.25 21:12:21 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.12.22 16:56:49 | 004,472,247 | ---- | M] () -- C:\Users\Owner\Desktop\poukaz vnouce.psd
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.28 12:29:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.27 21:22:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.12.27 21:22:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.12.27 21:22:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.12.27 21:22:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.12.27 21:22:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.12.22 16:35:39 | 004,472,247 | ---- | C] () -- C:\Users\Owner\Desktop\poukaz vnouce.psd
[2011.08.14 08:51:41 | 000,000,732 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps64.dat
[2011.05.08 17:44:46 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\{35520CD9-3C50-4092-A1C9-0058EBD93E24}
[2010.05.18 20:56:26 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.05.09 19:15:40 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.02.01 15:49:29 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010.01.27 20:47:21 | 000,007,859 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.cat
[2010.01.27 20:47:21 | 000,001,167 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\pcouffin.inf
[2010.01.25 20:21:13 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010.01.25 20:21:13 | 000,000,001 | ---- | C] () -- C:\Windows\qmtrip22.dll
[2009.11.21 20:18:38 | 000,000,000 | ---- | C] () -- C:\Windows\Orion 2009 spořič obrazovky.ini
[2009.10.27 15:59:34 | 000,014,694 | ---- | C] () -- C:\Windows\SysWow64\Main.ini
[2009.10.12 16:32:55 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll
[2009.09.11 09:31:01 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.09.11 09:30:18 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.09.11 09:29:41 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.08.07 16:08:48 | 000,679,936 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.08.07 16:08:47 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.08.07 16:08:47 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.07.16 14:20:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.01.11 10:01:37 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2008.12.30 14:47:24 | 000,000,155 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\default.rss
[2008.12.30 14:46:11 | 000,182,272 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.28 11:25:05 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.12.27 21:30:55 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2008.12.27 20:51:55 | 000,000,008 | RHS- | C] () -- C:\ProgramData\A1774FE9A5.sys
[2008.12.27 20:51:54 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2008.12.27 19:16:01 | 000,000,056 | RHS- | C] () -- C:\Windows\SysWow64\A5E94F77A1.sys
[2008.12.27 19:15:14 | 000,003,766 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2008.12.27 15:05:36 | 000,000,002 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.12.27 15:05:35 | 000,000,002 | -HS- | C] () -- C:\Users\Owner\AppData\Roaming\.zreglib
[2008.12.25 19:03:44 | 000,201,488 | ---- | C] () -- C:\Windows\SysWow64\MACD32.DLL
[2008.12.25 19:03:44 | 000,141,584 | ---- | C] () -- C:\Windows\SysWow64\MAMC32.DLL
[2008.12.25 19:03:44 | 000,063,248 | ---- | C] () -- C:\Windows\SysWow64\MASD32.DLL
[2008.12.25 18:37:15 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.12.25 18:37:08 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.11.01 10:53:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.10.31 13:02:27 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.26 11:36:20 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\af15irtbl.bin
[2008.05.22 21:24:18 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar_mpfc.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2008.04.29 20:58:32 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2008.04.29 19:32:48 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 03:49:53 | 000,161,792 | ---- | C] () -- C:\Windows\regedit.exe
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll
[2006.11.02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2002.10.15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2002.08.31 07:00:00 | 000,001,695 | -H-- | C] () -- C:\Windows\SysWow64\msisl$.dll
[2001.01.23 23:31:18 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\prntfix.exe
[2000.04.14 16:50:02 | 000,343,040 | ---- | C] () -- C:\Windows\SysWow64\Lffpx7.dll
[1998.06.11 13:08:06 | 000,095,232 | ---- | C] () -- C:\Windows\SysWow64\Lfkodak.dll

========== LOP Check ==========

[2009.12.26 11:06:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AnvSoft
[2009.08.11 18:34:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AV Bros Puzzle Pro 2.2 DEMO
[2009.08.06 18:25:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Broad Intelligence
[2009.08.09 09:50:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Canon
[2009.02.22 10:10:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools
[2009.02.22 10:24:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2009.02.22 10:10:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Pro
[2011.10.02 19:34:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ESET
[2010.06.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Facebook
[2011.12.18 09:55:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FileZilla
[2009.10.30 21:46:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GHISLER
[2008.12.31 01:09:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gold Wave Editor
[2011.11.29 22:55:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ICQ
[2009.01.11 09:57:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2010.05.09 19:17:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MAGIX
[2011.08.20 10:53:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Movier
[2009.03.17 19:06:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Navigator
[2010.10.13 19:17:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nokia
[2009.01.31 09:47:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nvu
[2008.12.28 12:06:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2010.10.13 18:35:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PC Suite
[2008.12.30 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Pixmantec
[2011.08.10 20:38:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Publish Providers
[2009.05.28 20:37:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Scala
[2010.12.18 20:35:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Složka odesílání Share-to-Web
[2011.08.11 18:48:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sony
[2011.08.13 11:26:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sony Creative Software
[2009.07.12 10:28:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SteelBytes
[2011.08.19 21:26:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeamViewer
[2009.01.02 01:09:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thinstall
[2010.09.09 20:12:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thunderbird
[2010.07.13 18:54:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TomTom
[2009.08.04 16:44:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\VistaCodecs
[2009.01.08 19:26:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\VitySoft
[2011.09.28 10:56:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Vso
[2011.11.12 14:10:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Zoner
[2011.12.28 11:06:47 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =


< MD5 for: ATAPI.SYS >
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:50:26 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2009.04.11 08:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\SysNative\autochk.exe
[2009.04.11 08:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008.01.21 03:49:38 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 03:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009.04.11 06:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.04.11 06:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

< MD5 for: CSRSS.EXE >
[2008.01.21 03:49:57 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=B4ABE68596B173FF2AB2076BC7C35EB4 -- C:\Windows\SysNative\csrss.exe
[2008.01.21 03:49:57 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=B4ABE68596B173FF2AB2076BC7C35EB4 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_b5027f5b9c731f82\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 07:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\ERDNT\cache86\explorer.exe
[2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008.10.28 03:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008.10.30 06:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 03:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 03:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: LSASS.EXE >
[2009.06.15 14:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.09.10 16:22:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1104B18819392FEA12FB5F9E170E66B3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[2009.02.13 09:52:40 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[2009.06.15 14:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 14:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 14:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\ERDNT\cache64\lsass.exe
[2009.06.15 14:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\SysNative\lsass.exe
[2009.06.15 14:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.09.09 12:32:36 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=41FB90DF49F203672F459122EF1F13B1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[2009.02.13 06:14:46 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2009.06.15 14:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.09.10 15:57:16 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=BBBCE2DACDCCD5EA60A50D0023AE2DE9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[2009.02.13 08:46:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 14:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe

< MD5 for: NDIS.SYS >
[2008.01.21 03:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2008.02.08 05:41:30 | 000,643,640 | ---- | M] (Microsoft Corporation) MD5=37A917C8586225B0D04E407C11639B7E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_02504837f08cff85\ndis.sys
[2009.04.11 08:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\ERDNT\cache64\ndis.sys
[2009.04.11 08:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys
[2009.04.11 08:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
[2008.02.08 18:31:28 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=F9A3AE5C9F047D71A36A99F9ABCA7D02 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_04649429ed923a09\ndis.sys

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 14:02
od octavia
OTL2/2


< MD5 for: NTFS.SYS >
[2009.04.11 08:15:34 | 001,515,496 | ---- | M] (Microsoft Corporation) MD5=BAC869DFB98E499BA4D9BB1FB43270E1 -- C:\Windows\ERDNT\cache64\ntfs.sys
[2009.04.11 08:15:34 | 001,515,496 | ---- | M] (Společnost Microsoft) MD5=BAC869DFB98E499BA4D9BB1FB43270E1 -- C:\Windows\SysNative\drivers\ntfs.sys
[2009.04.11 08:15:34 | 001,515,496 | ---- | M] (Microsoft Corporation) MD5=BAC869DFB98E499BA4D9BB1FB43270E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_047b3e4cd26ad615\ntfs.sys
[2008.01.21 03:50:39 | 001,540,152 | ---- | M] (Microsoft Corporation) MD5=FE86BA5AC3B50E2CA911E9C60C07B638 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_028fc540d5490ac9\ntfs.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache86\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\ERDNT\cache64\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: SERVICES.EXE >
[2008.01.21 03:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 08:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\ERDNT\cache64\services.exe
[2009.04.11 08:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009.04.11 08:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SysWOW64\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008.01.21 03:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe

< MD5 for: SMSS.EXE >
[2008.01.21 03:50:36 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2009.04.11 08:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\SysNative\smss.exe
[2009.04.11 08:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_0a44bc8cceb0dc3c\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:54:44 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=439017BE66398AB809D81B3AE8393883 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_34a17b8490538c82\spoolsv.exe
[2010.08.17 15:02:18 | 000,270,848 | ---- | M] (Microsoft Corporation) MD5=7F59AA690212241B398D6DBE4071EE3C -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_32cba802932180c9\spoolsv.exe
[2010.08.17 15:04:48 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=92E6738D25C2123BE9515C0EAC0776CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_3260788179ed5d57\spoolsv.exe
[2008.01.21 03:49:35 | 000,267,264 | ---- | M] (Microsoft Corporation) MD5=E6519A9E756D74DC51C697BA62162F51 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_326a3ea579e6364c\spoolsv.exe
[2009.04.11 08:10:56 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=EADA445EAEDD1D7DF4C5EB42B3612729 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_3455b7b177080198\spoolsv.exe
[2010.08.17 15:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=F66FF751E7EFC816D266977939EF5DC3 -- C:\Windows\ERDNT\cache64\spoolsv.exe
[2010.08.17 15:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=F66FF751E7EFC816D266977939EF5DC3 -- C:\Windows\SysNative\spoolsv.exe
[2010.08.17 15:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=F66FF751E7EFC816D266977939EF5DC3 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_33f36be77751de08\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache86\svchost.exe
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\ERDNT\cache64\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.16 18:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2011.06.17 21:14:30 | 001,424,272 | ---- | M] (Microsoft Corporation) MD5=19A7321E3A5F1DDB215D2815DCC8F8E4 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_116decc535366aa6\tcpip.sys
[2011.09.20 22:06:18 | 001,426,304 | ---- | M] (Microsoft Corporation) MD5=2CC45D932BD193CD4117321D469AD6B2 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.09.20 22:06:18 | 001,426,304 | ---- | M] (Microsoft Corporation) MD5=2CC45D932BD193CD4117321D469AD6B2 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.20 22:06:18 | 001,426,304 | ---- | M] (Microsoft Corporation) MD5=2CC45D932BD193CD4117321D469AD6B2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_1121619c1be9f088\tcpip.sys
[2009.12.08 19:22:57 | 001,199,616 | ---- | M] (Microsoft Corporation) MD5=2F822AF5E70467F827F5B4010A7FD57F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010.02.18 16:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009.08.14 15:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010.02.18 13:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009.08.14 19:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010.02.18 16:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2010.02.18 15:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2011.06.17 21:14:30 | 001,427,344 | ---- | M] (Microsoft Corporation) MD5=4DAD14118FBCF7C609F2A4CE21FBCC5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_10d0aed01c273845\tcpip.sys
[2011.09.20 22:06:18 | 001,423,744 | ---- | M] (Microsoft Corporation) MD5=73BED5067ED53A9DF05FA8EAB42578D0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_11ab004d35078d79\tcpip.sys
[2009.08.14 17:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.21 03:51:16 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.02.18 13:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010.06.16 17:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2009.12.08 21:59:37 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=8C94F5E4F9DE14A495BAA86F643CF31D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2008.04.26 09:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.06.16 18:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 08:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 17:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010.02.18 15:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2009.12.08 19:21:46 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=BB6FB43B431CCAD6FC367648C87205C0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2009.12.08 22:13:33 | 001,411,656 | ---- | M] (Microsoft Corporation) MD5=D1A6D398865E0686533E13DD2558D64B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010.06.17 00:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 17:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.15 23:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2009.12.08 21:22:19 | 001,425,480 | ---- | M] (Microsoft Corporation) MD5=E52F99B1160A1A1DE83223379D2C1828 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2009.12.08 21:04:59 | 001,423,944 | ---- | M] (Microsoft Corporation) MD5=EE84432AD7DCADE2931528C319C55097 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2008.04.26 09:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache86\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\ERDNT\cache64\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.11.02 16:04:04 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2008.12.27 00:46:01 | 000,003,584 | ---- | M] (Lexmark International Inc.) --
[2006.11.02 16:13:03 | 000,003,584 | ---- | M] (Lexmark International Inc.) --

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.10.31 12:47:13 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1043_ASUSTeK_G50VT.alu
[2006.09.18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006.09.18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[20 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[37 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0e49f4ff7f6ad3727e25c21f0081f5d2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0e49f4ff7f6ad3727e25c21f0081f5d2\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.08.11 18:46:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Adobe
[2009.12.26 11:06:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AnvSoft
[2009.02.04 22:10:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Apple Computer
[2009.08.11 18:34:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AV Bros Puzzle Pro 2.2 DEMO
[2009.08.06 18:25:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Broad Intelligence
[2009.08.09 09:50:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Canon
[2011.01.17 20:51:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Corel
[2009.02.22 10:10:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools
[2009.02.22 10:24:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2009.02.22 10:10:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Pro
[2009.08.20 20:03:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DivX
[2009.09.05 17:46:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Download Manager
[2011.10.02 19:34:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ESET
[2010.06.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Facebook
[2011.12.18 09:55:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FileZilla
[2009.10.30 21:46:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GHISLER
[2008.12.31 01:09:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gold Wave Editor
[2008.12.28 11:51:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Google
[2011.11.29 22:55:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ICQ
[2008.10.31 12:36:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Identities
[2009.07.19 09:53:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2009.01.11 09:57:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2010.11.15 21:59:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Macromedia
[2010.05.09 19:17:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MAGIX
[2006.11.02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Media Center Programs
[2009.08.07 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Media Player Classic
[2011.08.15 10:37:38 | 000,000,000 | --SD | M] -- C:\Users\Owner\AppData\Roaming\Microsoft
[2011.08.20 10:53:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Movier
[2008.12.28 11:25:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2009.03.17 19:06:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Navigator
[2010.04.14 19:42:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NCH Software
[2010.01.30 22:27:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nero
[2011.05.15 12:18:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NeroDCTemplates
[2010.04.06 20:45:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NeroDigital(TM)
[2010.10.13 19:17:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nokia
[2009.01.31 09:47:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nvu
[2008.12.28 12:06:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2010.10.13 18:35:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PC Suite
[2008.12.30 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Pixmantec
[2011.08.10 20:38:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Publish Providers
[2010.01.29 22:38:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Real
[2009.05.28 20:37:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Scala
[2009.02.22 11:18:25 | 000,000,000 | RH-D | M] -- C:\Users\Owner\AppData\Roaming\SecuROM
[2011.12.27 23:52:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Skype
[2011.10.07 11:53:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\skypePM
[2010.12.18 20:35:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Složka odesílání Share-to-Web
[2011.08.11 18:48:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sony
[2011.08.13 11:26:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sony Creative Software
[2009.07.12 10:28:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SteelBytes
[2008.10.31 12:37:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Symantec
[2011.08.19 21:26:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeamViewer
[2009.01.02 01:09:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thinstall
[2010.09.09 20:12:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thunderbird
[2010.07.13 18:54:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TomTom
[2009.08.04 16:44:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\VistaCodecs
[2009.01.08 19:26:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\VitySoft
[2011.09.28 10:56:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Vso
[2008.12.27 00:38:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinRAR
[2011.11.12 14:10:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Zoner
[2009.08.09 11:51:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ZoomBrowser EX

< *crack* /s >
[2007.05.04 01:07:02 | 000,003,556 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS3\configuration\Content\Reference\PHP\CrackF.html
[2006.04.24 10:22:14 | 006,638,616 | R--- | M] () -- \Program Files (x86)\Atari\Test Drive Unlimited\Euro\Radio\Radio Bot\Fix the Cracks - Humanzi.mp3
[2005.03.08 11:30:56 | 000,092,827 | ---- | M] () -- \Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Custom Data\Bumpmap\Cracks.cpt
[2008.07.14 10:02:56 | 000,017,870 | ---- | M] () -- \Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Custom Data\Canvas\cracks2c.bmp
[2004.01.29 04:53:36 | 000,004,902 | ---- | M] () -- \Program Files (x86)\Photo Collage Creator\Textures\cracked2.jpg
[1998.11.20 13:13:52 | 000,003,590 | ---- | M] () -- \Program Files (x86)\Xara\Xara3D6\Textures\Coarse\MidCntst\cracket.jpg
[2008.04.08 13:46:56 | 000,000,222 | ---- | M] () -- \Users\Owner\Desktop\PDA, mobily\PDA karta zaloha 2\crack PDA skin pocasi atd.txt
[2010.11.08 21:04:36 | 520,349,696 | ---- | M] () -- \Users\Owner\Documents\Downloads\ophcrack-vista-livecd-2.3.1.iso
[2007.04.23 11:18:31 | 000,000,134 | ---- | M] () -- \Users\Owner\Documents\Downloads\software\grafika\Adobe_Photoshop_CS3_Activation_Pack___GRTeam\Adobe Photoshop CS3 Activation Pack - GRTeam\how to crack.nfo

< *keygen* /s >
[2007.05.04 01:07:00 | 000,013,367 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS3\configuration\Content\Reference\HTML\KEYGEN.html
[2007.12.29 22:55:44 | 000,050,176 | -H-- | M] () -- \Users\Owner\Desktop\PDA, mobily\Aktivator_Map_Tomtom_7_Tomtom_8\Aktivator_Map_7.xx___8.xx\Aktyvator Map 7.xx & 8.xx\tt7_keygen.exe
[2008.06.11 10:04:46 | 000,050,176 | -H-- | M] () -- \Users\Owner\Desktop\PDA, mobily\Aktivator_Map_Tomtom_7_Tomtom_8\Aktivator_Map_7.xx___8.xx\Aktyvator Map 7.xx & 8.xx\tt8_keygen2.exe
[2007.12.15 16:26:02 | 000,049,664 | ---- | M] () -- \Users\Owner\Desktop\PDA, mobily\PDA karta zaloha 2\TT7\Keygen7\tt7_keygen.exe
[2007.02.28 14:08:42 | 000,060,416 | ---- | M] () -- \Users\Owner\Documents\Asus\AdobePhotoshop10cs+lightroom\Adobe.Photoshop.Lightroom.v1.4.1.Multilingual.Incl.Keygen-ViRiLiTY\Adobe.Photoshop.Lightroom.v1.4.1.Multilingual.Incl.Keygen-ViRiLiTY\keygen.exe
[2006.01.20 00:48:56 | 000,076,800 | ---- | M] () -- \Users\Owner\Documents\Asus\Corel (13) X3\CorelDRAW.Graphics.Suite.X3.v13.0.Keygen.Only(2)\keygen.exe
[2009.04.02 23:44:05 | 000,070,656 | ---- | M] () -- \Users\Owner\Documents\Downloads\Adobe-Photoshop-CS4-Keygen-[-kentuckykiid-]\Adobe Photoshop CS4 Keygen [ kentuckykiid ].exe
[2010.06.25 19:27:59 | 000,016,384 | ---- | M] () -- \Users\Owner\Documents\Downloads\software\grafika\CorelDraw X5 CZ with keygen\Keygen.exe
[2010.07.13 17:23:48 | 000,009,544 | ---- | M] () -- \Windows\Prefetch\TT8_KEYGEN.EXE-7440847E.pf

< *nocd* /s >
[2007.08.29 01:55:54 | 000,700,562 | ---- | M] () -- \Program Files (x86)\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook07.onepkg
[2007.08.29 01:55:54 | 002,548,432 | ---- | M] () -- \Program Files (x86)\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook06.onepkg
[2007.08.29 01:55:54 | 000,064,961 | ---- | M] () -- \Program Files (x86)\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook03.onepkg

< *nodvd* /s >

< *AutoKMS* /s >

< *AutoRearm* /s >

< *Loader* /s >
[2007.03.14 19:21:36 | 004,937,904 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 17:07:28 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.08.28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.05.04 01:09:24 | 000,037,112 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS3\configuration\Shared\MM\Media\FLVLoader.swf
[2010.02.25 09:58:04 | 000,466,944 | ---- | M] () -- \Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
[2010.03.27 23:39:42 | 000,000,303 | ---- | M] () -- \Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll.manifest
[2010.04.18 19:35:49 | 000,062,712 | ---- | M] () -- \Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.exe
[2010.02.25 09:59:46 | 000,664,576 | ---- | M] () -- \Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll
[2010.04.18 19:35:49 | 000,062,712 | ---- | M] () -- \Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.exe
[2008.08.21 09:06:16 | 000,013,921 | ---- | M] () -- \Program Files (x86)\City Interactive\MOTORM4X Offroad Extreme\media\texts\texts_loader.xml
[2007.03.14 17:10:18 | 000,088,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:20 | 000,025,188 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:26 | 000,032,022 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:28 | 000,032,216 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:30 | 000,027,655 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:36 | 000,030,891 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:38 | 000,032,399 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,393 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:46 | 000,022,871 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:48 | 000,025,272 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,109 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,441 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:52 | 000,032,499 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:54 | 000,032,074 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:56 | 000,032,110 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:58 | 000,024,996 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:00 | 000,031,772 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:02 | 000,024,463 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:04 | 000,025,054 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,032,171 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,024,411 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:08 | 000,025,525 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,741 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,833 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 16:35:32 | 000,004,239 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2008.08.14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2006.10.26 21:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 21:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.01.26 03:04:28 | 000,012,648 | ---- | M] () -- \Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\ReflectionLoader.dll
[2007.03.16 08:27:58 | 000,073,728 | ---- | M] () -- \Program Files (x86)\DVDVIDEOSOFT\Free YouTube to Mp3 Converter\HttpVideoDownloader.dll
[2003.04.11 13:45:42 | 000,348,160 | ---- | M] () -- \Program Files (x86)\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2009.09.15 15:24:44 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.jpg
[2009.09.15 15:24:44 | 000,004,089 | ---- | M] () -- \Program Files (x86)\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.swf
[2008.11.30 14:07:49 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.11.30 14:07:49 | 000,004,089 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.01.01 18:05:47 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\content\babylon_feed\preloader01_b.swf
[2008.12.27 12:06:08 | 000,003,479 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2009.10.15 21:39:49 | 000,003,479 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\content\coreg\preloader04.swf
[2007.03.29 13:17:09 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\content\slide-a-lama\preloader02.swf
[2009.03.10 19:50:54 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\content\zoopaloola\preloader02.swf
[2008.12.27 12:05:50 | 000,552,798 | ---- | M] () -- \Program Files (x86)\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2011.04.01 17:12:02 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.04.01 17:12:03 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.04.01 17:12:01 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.22 08:17:17 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.04.01 17:12:37 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.04.01 17:12:34 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2006.09.02 16:55:48 | 000,000,668 | ---- | M] () -- \Program Files (x86)\Jalbum8.1\skins\Boxer\res\graphics\loader.gif
[2006.12.08 09:26:30 | 000,000,673 | ---- | M] () -- \Program Files (x86)\Jalbum8.1\skins\Boxer\res\graphics\loader.white.gif
[2005.08.10 19:01:12 | 000,044,934 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\Configuration\Components\User Interface\Loader.swc
[2005.06.20 15:45:24 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\First Run\Classes\FP7\MovieClipLoader.as
[2005.06.20 15:45:26 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\First Run\Classes\FP8\MovieClipLoader.as
[2005.07.13 12:06:52 | 000,010,454 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\First Run\Classes\mx\controls\Loader.as
[2003.08.12 16:24:32 | 000,000,755 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash MX 2004\en\First Run\Classes\MovieClipLoader.as
[2003.08.15 15:46:04 | 000,010,127 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash MX 2004\en\First Run\Classes\mx\controls\Loader.as
[2003.09.04 18:52:06 | 000,044,409 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash MX 2004\en\First Run\Components\UI Components\Loader.swc
[2008.12.06 17:13:52 | 000,001,070 | ---- | M] () -- \Program Files (x86)\MediaCoder\extensions\_include\loader.html
[2010.02.15 11:13:16 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.05.29 04:52:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.29 04:52:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2005.06.17 14:42:16 | 000,003,095 | ---- | M] () -- \Program Files (x86)\Nvu\components\uriloader.xpt
[2008.06.23 15:24:50 | 000,021,776 | ---- | M] () -- \Program Files (x86)\Pinnacle\TVCenter Pro\PMC.Loader.Common.dll
[2008.06.23 15:24:54 | 000,644,368 | ---- | M] () -- \Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe
[2006.12.13 02:16:24 | 000,001,217 | ---- | M] () -- \Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe.Manifest
[2008.06.23 15:24:56 | 000,193,808 | ---- | M] () -- \Program Files (x86)\Pinnacle\TVCenter Pro\Settings.Loader.dll
[2008.10.08 18:16:46 | 000,291,840 | ---- | M] () -- \Program Files (x86)\RajcePhotoDownloader\RajcePhotoDownloader.exe
[2009.06.28 00:13:30 | 000,209,125 | ---- | M] () -- \Program Files (x86)\Rigs of Rods 0.36.2\streams\final\vehicles\skiploader.zip
[2006.10.07 19:36:22 | 000,699,216 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Data\Menu\textures\Loader_Custom.dds
[2004.05.07 15:29:58 | 002,097,280 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Data\Menu\textures\Loader_Finland.dds
[2004.05.07 15:29:58 | 002,097,280 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Data\Menu\textures\Loader_Irland.dds
[2004.05.07 15:30:00 | 002,097,280 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Data\Menu\textures\Loader_Kenya.dds
[2004.05.07 15:30:00 | 002,097,280 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Data\Menu\textures\Loader_Nevada.dds
[2004.05.07 15:30:02 | 002,097,280 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Data\Menu\textures\Loader_Poland.dds
[2006.10.07 19:36:22 | 000,699,216 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Data\Menu\textures\Loader_Test.dds
[2006.10.23 13:00:50 | 000,002,537 | ---- | M] () -- \Program Files (x86)\UAZ Racing 4x4\Java\ClassReloader.class
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2011.03.08 18:10:08 | 000,670,208 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.05.31 10:46:24 | 000,685,568 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 18:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2011.11.01 16:47:10 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.11.01 16:47:22 | 000,016,776 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2011.11.01 16:47:56 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program64\WICLoader.exe
[2009.09.23 13:39:12 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2009.09.23 13:39:12 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2005.06.20 15:45:24 | 000,000,544 | ---- | M] () -- \Users\Owner\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\FP7\MovieClipLoader.as
[2005.06.20 15:45:26 | 000,000,544 | ---- | M] () -- \Users\Owner\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\FP8\MovieClipLoader.as
[2005.07.13 12:06:52 | 000,010,454 | ---- | M] () -- \Users\Owner\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\mx\controls\Loader.as
[2003.08.12 16:24:32 | 000,000,755 | ---- | M] () -- \Users\Owner\AppData\Local\Macromedia\Flash MX 2004\en\Configuration\Classes\MovieClipLoader.as
[2003.08.15 15:46:04 | 000,010,127 | ---- | M] () -- \Users\Owner\AppData\Local\Macromedia\Flash MX 2004\en\Configuration\Classes\mx\controls\Loader.as
[2003.09.04 18:52:06 | 000,044,409 | ---- | M] () -- \Users\Owner\AppData\Local\Macromedia\Flash MX 2004\en\Configuration\Components\UI Components\Loader.swc
[2011.12.10 15:11:05 | 000,006,465 | ---- | M] () -- \Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Add-in Express\adxloader.log
[2011.12.10 15:11:07 | 000,000,905 | ---- | M] () -- \Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A2H2XNZY\TooltipLoader[1].css
[2011.12.10 15:11:07 | 000,014,290 | ---- | M] () -- \Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P8SEI2P2\TooltipLoader[1].js
[2008.12.28 19:18:04 | 000,000,054 | ---- | M] () -- \Users\Owner\AppData\Local\Pinnacle Systems GmbH\Loader\1.1.444.624\PMCLoader.exe.xml
[2010.04.14 19:06:39 | 000,000,054 | ---- | M] () -- \Users\Owner\AppData\Local\Pinnacle Systems GmbH\TVCenter Pro\1.1.444.667\PMCLoader.exe.xml
[2008.11.30 14:07:49 | 000,005,795 | ---- | M] () -- \Users\Owner\AppData\Local\VirtualStore\Program Files (x86)\ICQ6.5000\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.11.30 14:07:49 | 000,004,089 | ---- | M] () -- \Users\Owner\AppData\Local\VirtualStore\Program Files (x86)\ICQ6.5000\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.01.01 18:05:47 | 000,002,886 | ---- | M] () -- \Users\Owner\AppData\Local\VirtualStore\Program Files (x86)\ICQ6.5000\services\icqXtraz\ver1\content\babylon_feed\preloader01_b.swf
[2008.12.27 12:06:08 | 000,003,479 | ---- | M] () -- \Users\Owner\AppData\Local\VirtualStore\Program Files (x86)\ICQ6.5000\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2008.12.27 12:05:50 | 000,552,798 | ---- | M] () -- \Users\Owner\AppData\Local\VirtualStore\Program Files (x86)\ICQ6.5000\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2010.04.18 09:03:57 | 000,000,709 | ---- | M] () -- \Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Rajce Photo Downloader.lnk
[2010.04.18 09:03:57 | 000,001,983 | ---- | M] () -- \Users\Owner\Desktop\ikony z plochy\Rajce Photo Downloader.lnk
[2010.03.19 20:54:20 | 000,000,051 | ---- | M] () -- \Users\Owner\Desktop\PDA, mobily\GO730 zaloha\bootloaderversion.txt
[2010.08.12 18:50:06 | 000,001,436 | ---- | M] () -- \Users\Owner\Desktop\PDA, mobily\Navigace TomTom Go510\Bootloaders.txt
[2010.08.12 16:05:18 | 000,000,023 | ---- | M] () -- \Users\Owner\Desktop\PDA, mobily\TomTom origo PNA karta\bootloaderversion.txt
[2011.08.14 08:29:27 | 005,481,908 | ---- | M] () -- \Users\Owner\Documents\Downloads\vdownloader.zip.part
[2008.09.13 17:04:14 | 000,034,816 | ---- | M] () -- \Users\Owner\Documents\Downloads\software\jdownloader_v0.4.132_c\jdownloader\JDownloader.exe
[2009.01.20 17:08:44 | 001,058,259 | ---- | M] () -- \Users\Owner\Documents\Downloads\software\jdownloader_v0.4.132_c\jdownloader\JDownloader.jar
[2008.12.27 12:24:00 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.12.27 21:21:49 | 000,026,404 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2008.01.21 03:55:15 | 000,005,276 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_d2b755899c6147a9.manifest
[2008.01.21 03:55:15 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_d2b755899c6147a9_winload.efi.mui_35ee487d
[2008.01.21 03:55:15 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_d2b755899c6147a9_winload.exe.mui_3bc5b827
[2008.01.21 03:55:15 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_d2b755899c6147a9_winresume.efi.mui_f412814e
[2008.01.21 03:55:15 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_d2b755899c6147a9_winresume.exe.mui_ff8b5358
[2011.04.14 22:23:52 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb.manifest
[2011.04.14 22:23:52 | 001,076,608 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winload.efi_75834aa0
[2011.04.14 22:23:52 | 001,063,296 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winload.exe_75835076
[2011.04.14 22:23:52 | 000,991,104 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winresume.efi_85cd069f
[2011.04.14 22:23:52 | 000,979,840 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winresume.exe_85cd1215
[2010.08.27 23:32:48 | 000,004,168 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6002.18005_none_c93d3cc9069b2134.manifest
[2010.08.27 23:32:48 | 000,019,432 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6002.18005_none_c93d3cc9069b2134_spldr.sys_98bd87a0
[2008.02.29 08:26:46 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_27bb02f6b077b2c1.manifest
[2008.02.29 08:30:04 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_d0abd8ef9f55be86.manifest
[2008.02.29 16:31:17 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_d07735d39f7cb02b.manifest
[2008.02.29 14:16:12 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_732eabd2924ec68d.manifest
[2008.02.29 16:33:37 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_5d56a2196980ac0b.manifest
[2008.02.29 08:52:10 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_ff7c21265c9bbde6.manifest
[2008.02.29 14:07:00 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_89b7ca4e285dba8d.manifest
[2008.02.29 08:27:56 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_28155ee9c9b95cf3.manifest
[2008.02.29 08:20:31 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_d10634e2b89768b8.manifest
[2008.02.29 12:20:42 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_d0d191c6b8be5a5d.manifest
[2008.02.29 12:49:38 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_738907c5ab9070bf.manifest
[2008.02.29 12:20:29 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_5db0fe0c82c2563d.manifest
[2008.02.29 08:58:04 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_ffd67d1975dd6818.manifest
[2008.02.29 12:34:34 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_8a122641419f64bf.manifest
[2008.01.21 03:44:34 | 000,005,276 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_d2b755899c6147a9.manifest
[2008.02.29 08:29:24 | 000,005,771 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_b539d91c27f8c85b.manifest
[2008.02.29 08:16:24 | 000,005,771 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_b594350f413a728d.manifest
[2008.01.21 03:42:42 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_b74555b62504517e.manifest
[2008.02.29 09:15:37 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_b736b7e4250e3ac1.manifest
[2011.02.28 09:28:48 | 000,007,115 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18606_none_b74b62d624fed872.manifest
[2008.02.29 08:55:51 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_b7be541b3e2da7dd.manifest
[2011.02.28 09:28:48 | 000,007,115 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22861_none_b78f208d3e519e56.manifest
[2009.04.10 23:40:12 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_b930cec222261cca.manifest
[2011.02.24 17:59:25 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb.manifest
[2011.02.24 17:45:29 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.22596_none_b95a24233b8bc600.manifest
[2006.11.02 13:21:14 | 000,004,253 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_c51b01c10c8e4514.manifest
[2008.01.21 03:37:29 | 000,004,176 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_c751c3bd097955e8.manifest
[2009.04.10 23:43:16 | 000,004,168 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6002.18005_none_c93d3cc9069b2134.manifest
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *w7lxe* /s >

< *Legalizator* /s >

< *GenuineXP* /s >

< *minodlogin* /s >

< serial.txt /s >
[2008.10.20 12:44:27 | 000,000,060 | ---- | M] () -- \Users\Owner\Documents\Downloads\software\Gold.Wave.Editor.v10.2.2-YPOGEiOS\Gold.Wave.Editor.v10.2.2-YPOGEiOS\Serial.txt

< %APPDATA%\*.* >
[2006.10.31 21:01:11 | 000,000,002 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\.zreglib
[2011.08.13 21:08:38 | 000,000,155 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\default.rss
[2010.01.27 20:47:21 | 000,007,859 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\pcouffin.cat
[2010.01.27 20:47:21 | 000,001,167 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\pcouffin.inf
[2010.01.27 20:48:32 | 000,000,034 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\pcouffin.log
[2010.01.27 20:47:21 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Owner\AppData\Roaming\pcouffin.sys

< %APPDATA%\*.exe /s >
[2010.06.17 21:14:45 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Owner\AppData\Roaming\Facebook\uninstall.exe
[2009.10.27 16:33:30 | 000,010,134 | R--- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{4DE6B4E0-770F-416B-BB9A-65116871D165}\ARPPRODUCTICON.exe
[2009.01.06 16:55:03 | 000,029,926 | R--- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
[2010.11.13 22:28:00 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
[2009.10.27 16:16:18 | 000,010,134 | R--- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{9A824ED3-387B-44ED-90CA-B58D5B8171AB}\ARPPRODUCTICON.exe
[2009.02.22 11:16:55 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
[2010.03.14 10:32:39 | 000,010,134 | R--- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2010.03.14 10:32:39 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2008.02.13 07:07:36 | 000,393,216 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe
[2009.01.02 01:12:34 | 000,007,168 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Thinstall\WYSIWYG Web Builder 5.5\1000000600002i\verclsid.exe

< >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DirectConsole2" = C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe -- [2008.07.25 03:42:44 | 002,701,880 | ---- | M] (ASUSTek.)
"avast" = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui -- [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange" = 1
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed" = 1
"" =

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
"DirectConsole2" = C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe -- [2008.07.25 03:42:44 | 002,701,880 | ---- | M] (ASUSTek.)
"avast" = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui -- [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange" = 1
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed" = 1
"" =

< >

< >

< %SYSTEMDRIVE%\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSucces >

< sTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB8DBCBE-2EB8-4080-A6D0-CFA3B846EFD4}\\: IMFRatelessTimeSource
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b2f5a901-4080-11d1-a3ac-00c04fb950dc}\\: IADsTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\\JobNoProgressTimeout: 1209600
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services\\RasTimeoutResponseWait: 50
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services\\RasTimeoutPause: 5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gathering Manager\\FilterHostProcessTimeout: 120000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007\\DlsTimeoutCounter: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\Microsoft XPS Document Writer\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{47A78065-8EF5-437E-AFBC-6E04A9897010}\\LeaseTerminatesTime: 1325676048
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{601B2854-0677-4C30-8BDD-D1E2989E8D0B}\\LeaseTerminatesTime: 1284972627
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{92889FA9-F426-47FA-BA07-55A76350043D}\\LeaseTerminatesTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9C6046B6-5E5A-4733-AFB7-63EB869EFC86}\\LeaseTerminatesTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AA4B34F0-6500-4498-9466-4013A29D29B4}\\LeaseTerminatesTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C99DC1E6-1D02-4A87-905C-CA2DE95DFEC9}\\LeaseTerminatesTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E7A5A6E2-937E-4C88-A2DB-F157E562EC5F}\\LeaseTerminatesTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FD019235-28C0-4410-852B-1C6C57497B30}\\LeaseTerminatesTime: 1307981892
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FFC60341-615C-40F4-AE01-17BD1CF0820F}\\LeaseTerminatesTime: 0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar\Settings\General\\LastUpdateGamesTime: 1323526176

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.28 12:29:15 | 000,000,512 | ---- | M] () MD5=D2C8539252A8B3ECBE87F67BDDBF1923 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\VIDEO0029.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\streamvideo 23_xvid.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\Můj film 4.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\AXN Floater Jet LUB.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\423926.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\414716.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\2011-08-29 13-17-12.049_front.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\19.9.2009.mp4:TOC.WMV
@Alternate Data Stream - 228 bytes -> C:\ProgramData\Temp:F4CA4D70

< End of report >

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 14:16
od chodnik74
:!: Na disku máte málo místa, udělejte si více místa na disku...

:arrow: Odinstalovat ICQToolbar a ostatní toolbary

:evil: Co mi povíte na nelegální Adobe Photoshop,Corel draw a produkty TomTom???

:arrow: Stáhneme si na Plochu program OTLObrázek
  • Spustíme soubor OTL.exe (pokud máte Windows Vista nebo Windows 7,tak na soubor klikněte pravým tlačítkem myši a dejte ,,Spustit jako správce,,)
  • Do dolního okna Vlastní skenování/opravy vložíme následující skript a stiskneme tlačítko Opravit

    Kód: Vybrat vše

    :OTL
PRC - File not found -- 
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3470727687-1027406370-3241345228-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
CHR - default_search_provider: ICQ Search ()
CHR - default_search_provider: search_url = http://search.icq.com/search/results.php?ch_id=osd&q={searchTerms}&icid=chrome
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]
[2008.12.27 20:51:55 | 000,000,008 | RHS- | C] () -- C:\ProgramData\A1774FE9A5.sys
[2008.12.27 20:51:55 | 000,000,008 | RHS- | C] () -- C:\ProgramData\A1774FE9A5.sys
[20 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[37 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0e49f4ff7f6ad3727e25c21f0081f5d2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0e49f4ff7f6ad3727e25c21f0081f5d2\*.tmp -> ]
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\VIDEO0029.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\streamvideo 23_xvid.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\Můj film 4.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\AXN Floater Jet LUB.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\423926.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\414716.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\2011-08-29 13-17-12.049_front.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\19.9.2009.mp4:TOC.WMV
@Alternate Data Stream - 228 bytes -> C:\ProgramData\Temp:F4CA4D70

:Files
C:\Program Files (x86)\ICQ6Toolbar\
C:\Users\Owner\Documents\Downloads\software\grafika\Adobe_Photoshop_CS3_Activation_Pack___GRTeam\ /d
C:\Users\Owner\Desktop\PDA, mobily\Aktivator_Map_Tomtom_7_Tomtom_8\ /d
C:\Users\Owner\Desktop\PDA, mobily\PDA karta zaloha 2\ /d
C:\Users\Owner\Documents\Asus\AdobePhotoshop10cs+lightroom\Adobe.Photoshop.Lightroom.v1.4.1.Multilingual.Incl.Keygen-ViRiLiTY\ /d
C:\Users\Owner\Documents\Asus\Corel (13) X3\ /d
C:\Users\Owner\Documents\Downloads\Adobe-Photoshop-CS4-Keygen-[-kentuckykiid-]\ /d
C:\Users\Owner\Documents\Downloads\software\grafika\CorelDraw X5 CZ with keygen\ /d
C:\Users\Owner\Documents\Downloads\software\Gold.Wave.Editor.v10.2.2-YPOGEiOS\ /d
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:Commands
[ClearAllRestorePoints]
[EmptyFlash]
[EmptyTemp]
[Purity]
[ResetHosts]
  • Po restartu pc se vám objeví log z OTL,ten mi sem prosím vložte..

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 15:16
od octavia
Tak jsem neco promaznul pro ziskani mista. Co se tyce zminenych programu, tak jsem kdysi notebook odkoupil od mistniho grafickeho studia s tim ze tam zustalo vsechno co dotycny pracovnik pouzival. V mire legality se nevyznam, ale co tak procitam log, tak jde asi i o keygen slozky, ktere jsem promaznul taktez a v ovladacich programech Corel odinstaloval, ale TomTom a Photoshop tam bohuzel nevidim.

OTL jsem spustil a vlozil text dle rad, ale skoro hodinu bezi a u programu je hlaska "NEOPOVIDA".

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 15:21
od chodnik74
Zkuste OTL spustit znovu :)

V podpisu mám pravidla fora, pročtěte si je důkladně.. A nelegální věci ven :twisted:

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 21:13
od octavia
Tak bohuzel ... i po retartu a zadani textu do OTL se rozbehne, vykona zrejme vsechny prikazy, ale log nevytvori a neustale je na horni liste programu, ze neodpovida.
Nicmene moc dekuji za pomoc, zitra odjizdim a nevim kdy zase budu v dosahu site. Kazdopadne PC se chova lepe, je o neco rychleji, starty jsou bez BS, coz bylo opravdu hrozne, takze bych muj problem povazoval za vyreseny.
S tim softwarem co jste napsal urco neco udelam. Zkusim prolezt vsechny programy a zjistim ktere by nemely byt v PC.

Diky a preji hezke svatky

Re: Prosím o kontrolu - prilis casto padajici PC do blue scr

Napsal: 28 pro 2011 21:37
od chodnik74
Zkuste vykonat script v nouzovém režimu (při startu pc mačkejte F8), až budete mít čas. Ale neutíkejte mi, pak se ozvěte, pc je třeba vyčistit od používaných programů :)
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz