VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivna kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=132957

Stránka 2 z 2

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 19:51
od jossi9432
========== Files - Modified Within 7 Days ==========

[2013.09.25 20:21:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.25 20:09:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.25 17:22:52 | 000,614,400 | ---- | M] () -- C:\Windows\AutoKMS.exe
[2013.09.25 17:22:52 | 000,000,204 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.09.25 17:22:52 | 000,000,135 | ---- | M] () -- C:\Windows\AutoKMS.ini
[2013.09.25 17:16:44 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.25 17:16:43 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.25 17:08:42 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.25 17:08:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.25 17:08:08 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.25 10:22:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGrejtak.job
[2013.09.24 19:41:35 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.09.24 19:41:35 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.24 18:36:45 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.24 18:36:34 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.09.24 15:17:36 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.24 15:17:36 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.24 15:17:36 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.24 02:38:00 | 002,094,844 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1207020.003\Cat.DB
[2013.09.24 02:34:51 | 000,765,700 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.09.23 23:20:46 | 000,000,073 | ---- | M] () -- C:\Windows\wininit.ini
[2013.09.23 16:51:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.09.23 01:00:35 | 000,001,883 | ---- | M] () -- C:\Users\Grejtak\Desktop\BlueJ.lnk
[2013.09.23 00:51:07 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.09.23 00:51:07 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.09.23 00:51:07 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.09.23 00:51:07 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.09.23 00:51:06 | 001,095,080 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.09.23 00:51:06 | 000,973,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.09.22 20:17:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.09.21 16:45:16 | 000,000,533 | ---- | M] () -- C:\Users\Grejtak\AppData\Roaming\All CPU MeterV3_Settings.ini
[2013.09.21 00:24:21 | 000,251,904 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2013.09.20 23:44:28 | 004,444,672 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2013.09.20 23:44:28 | 001,987,072 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2013.09.20 23:44:28 | 001,425,408 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2013.09.20 23:44:28 | 000,654,336 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2013.09.20 23:44:28 | 000,535,552 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2013.09.20 23:44:28 | 000,448,512 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2013.09.20 23:44:27 | 006,344,704 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNGUI.exe
[2013.09.20 23:44:27 | 005,298,688 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNHP.dll
[2013.09.20 23:44:27 | 001,819,136 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNC64.cpl
[2013.09.20 23:44:27 | 001,085,440 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNX.dll
[2013.09.20 23:44:27 | 000,442,368 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2013.09.20 23:44:27 | 000,249,344 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNJ.exe
[2013.09.20 23:44:27 | 000,223,744 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\HPToneCtrls64.dll
[2013.09.20 23:44:27 | 000,162,304 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2013.09.20 23:44:27 | 000,090,624 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2013.09.20 23:44:27 | 000,068,608 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2013.09.20 23:40:47 | 009,888,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2013.09.20 23:40:47 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2013.09.20 23:36:49 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3xhc.sys
[2013.09.20 23:36:49 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3hub.sys
[2013.09.20 23:36:49 | 000,081,920 | ---- | M] (Renesas Electronics Corporation) -- C:\Windows\SysNative\nusb3co2.dll
[2013.09.20 23:35:52 | 001,089,238 | ---- | M] () -- C:\Windows\SysNative\oem31.inf
[2013.09.20 23:35:00 | 004,747,840 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS
[2013.09.20 23:35:00 | 003,952,640 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll
[2013.09.20 23:35:00 | 003,617,792 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll
[2013.09.20 23:35:00 | 000,095,544 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll
[2013.09.20 23:35:00 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll
[2013.09.20 23:32:50 | 001,451,056 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2013.09.20 23:32:50 | 000,226,600 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2013.09.20 23:32:50 | 000,148,264 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo9.dll
[2013.09.20 23:32:50 | 000,107,816 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2013.09.20 23:32:50 | 000,066,856 | ---- | M] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2013.09.20 23:32:49 | 000,411,944 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2013.09.20 23:32:49 | 000,276,264 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2013.09.20 23:32:49 | 000,222,504 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2013.09.20 23:32:49 | 000,177,448 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2013.09.20 12:01:42 | 000,277,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.20 01:58:02 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.09.20 01:58:02 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.09.20 01:58:02 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.09.19 22:09:13 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013.09.19 22:07:33 | 000,185,998 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.09.19 22:07:33 | 000,185,998 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.09.19 21:57:28 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.09.19 21:57:27 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.09.19 21:57:27 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.09.19 21:57:26 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.09.19 21:57:26 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.09.19 21:57:26 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

========== Files Created - No Company Name ==========

[2013.09.25 20:21:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.25 17:22:52 | 000,614,400 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2013.09.25 17:22:52 | 000,000,204 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2013.09.25 17:22:52 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.09.24 18:36:34 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.09.24 18:25:05 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.24 18:25:05 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.09.24 18:25:03 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.09.24 01:40:26 | 003,330,608 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.09.24 01:40:26 | 003,296,864 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.09.24 01:40:26 | 000,230,452 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013.09.24 01:40:26 | 000,230,064 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013.09.24 01:40:26 | 000,073,984 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013.09.24 01:40:26 | 000,042,535 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.09.24 01:40:26 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.09.24 01:40:26 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013.09.24 01:40:25 | 000,665,329 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.09.24 01:40:24 | 000,340,256 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.09.24 01:40:24 | 000,340,256 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.09.23 23:32:53 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.23 23:20:46 | 000,000,073 | ---- | C] () -- C:\Windows\wininit.ini
[2013.09.23 16:51:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.09.23 15:37:25 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.09.23 01:00:35 | 000,001,883 | ---- | C] () -- C:\Users\Grejtak\Desktop\BlueJ.lnk
[2013.09.22 20:17:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.09.21 16:45:16 | 000,000,533 | ---- | C] () -- C:\Users\Grejtak\AppData\Roaming\All CPU MeterV3_Settings.ini
[2013.09.21 15:57:31 | 000,765,700 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.09.21 15:47:53 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.09.21 15:47:53 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013.09.21 15:47:53 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.09.21 15:47:53 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013.09.20 23:35:59 | 001,089,238 | ---- | C] () -- C:\Windows\SysNative\oem31.inf
[2013.09.20 23:32:55 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2013.09.20 09:33:09 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.09.20 02:49:33 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.09.20 01:04:35 | 000,000,938 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.20 01:04:35 | 000,000,934 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.19 22:14:43 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForGrejtak.job
[2013.09.19 21:59:03 | 2106,478,591 | -HS- | C] () -- C:\hiberfil.sys
[2013.09.19 21:49:36 | 000,001,413 | ---- | C] () -- C:\Users\Grejtak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.09.19 21:49:32 | 000,001,447 | ---- | C] () -- C:\Users\Grejtak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.09.05 09:45:42 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.09.05 09:45:42 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2012.11.27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.11.25 15:27:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.25 15:15:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.11.25 15:15:10 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.11.25 15:10:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.23 15:11:04 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\IDT
[2013.09.21 00:00:07 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Origin
[2013.09.23 12:15:10 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Subversion
[2013.09.19 21:49:44 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Synaptics
[2013.09.25 16:44:51 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Tific

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,013,300 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.09.19 22:14:43 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForGrejtak.job
[2013.09.20 01:04:35 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.20 01:04:35 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.09.25 17:22:52 | 000,000,204 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.09.07 19:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.09.07 19:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.09.07 19:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.09.07 19:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.09.07 19:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.09.07 19:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.09.07 19:32:42 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2011.09.07 19:32:42 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.11.26 01:07:49 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.11.26 01:07:49 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[5 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.09.21 17:19:31 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Adobe
[2013.09.23 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Apple Computer
[2013.09.19 21:50:46 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\ATI
[2013.09.20 22:52:08 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Hewlett-Packard
[2013.09.20 23:57:07 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\hpqLog
[2013.09.19 21:49:22 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Identities
[2013.09.23 15:11:04 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\IDT
[2013.09.19 23:01:52 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\InstallShield
[2013.09.19 21:49:48 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Intel Corporation
[2013.09.21 16:53:59 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Macromedia
[2013.09.25 13:28:16 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Malwarebytes
[2011.11.26 01:06:04 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Media Center Programs
[2013.09.25 17:34:21 | 000,000,000 | --SD | M] -- C:\Users\Grejtak\AppData\Roaming\Microsoft
[2013.09.21 00:00:07 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Origin
[2013.09.21 17:28:49 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Skype
[2013.09.25 17:24:58 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\SkypEmoticons
[2013.09.23 12:15:10 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Subversion
[2013.09.19 21:49:44 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Synaptics
[2013.09.25 16:44:51 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\Tific
[2013.09.23 00:22:13 | 000,000,000 | ---D | M] -- C:\Users\Grejtak\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.09.24 16:46:17 | 000,088,102 | R--- | M] () -- C:\Users\Grejtak\AppData\Roaming\Microsoft\Installer\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}\ARPPRODUCTICON.exe
[2013.09.25 16:24:10 | 005,842,336 | ---- | M] (SkypEmoticons) -- C:\Users\Grejtak\AppData\Roaming\SkypEmoticons\SE.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2013.07.31 12:05:18 | 009,738,752 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2013.08.02 03:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\kernel32.dll
[2013.08.02 03:51:23 | 001,292,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ntdll.dll

< %systemroot%\Tasks\*.job >
[2013.09.25 17:22:52 | 000,000,204 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2013.09.25 17:08:42 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.25 20:09:00 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.09.25 10:22:35 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForGrejtak.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2013.07.31 12:05:18 | 009,738,752 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2013.08.02 03:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\kernel32.dll
[2013.08.02 03:51:23 | 001,292,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ntdll.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.09.25 17:24:14 | 000,000,088 | ---- | M] () -- C:\Windows\system32\11898457325152260558.log
[2013.09.23 23:52:33 | 000,054,600 | ---- | M] () -- C:\Windows\system32\CCCInstall_201309232352338336.log
[2013.09.24 02:15:02 | 000,055,445 | ---- | M] () -- C:\Windows\system32\CCCInstall_201309240215027736.log
[2013.09.24 02:40:18 | 000,055,445 | ---- | M] () -- C:\Windows\system32\CCCInstall_201309240240188423.log
[2013.09.24 02:48:19 | 000,055,153 | ---- | M] () -- C:\Windows\system32\CCCInstall_201309240248192339.log
[2013.09.25 17:11:24 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013.09.24 02:34:51 | 000,765,700 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2013.09.24 18:36:45 | 000,076,888 | ---- | M] () -- C:\Windows\system32\PnkBstrA.exe
[2013.09.24 18:36:34 | 000,290,184 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2013.09.24 19:41:35 | 000,290,184 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2013.09.24 19:41:35 | 000,290,184 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Bloody2" = "C:\Program Files (x86)\Bloody4\Bloody4\Bloody4.exe" Minimum -- [2013.08.30 19:45:52 | 011,895,808 | ---- | M] ()
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.07.31 12:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=AA9CBDCD4675A48755DDA3A73BE3E283 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.09.17 05:21:30 | 000,829,392 | ---- | M] (Google Inc.) MD5=E7148BB584830E51AFD414CE9AEAE74C -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.25 20:21:14 | 000,000,512 | ---- | M] () MD5=3E55343007E697E2FE40F631D2055282 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.02.16 18:27:28 | 000,000,107 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\BB_AC3\Assassins-Creed.3.CRACK.FIX-SKIDROW\ako cracknut.txt
[2012.04.10 09:38:38 | 000,000,117 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\Deus Ex - Human Revolution (2011) - CZ\sc-dxhr-1.4.651\SKIDROW CRACK.url
[2012.10.06 16:49:07 | 006,029,312 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\nfs.mw\Crack-na-NFS-most-wanted-(alik).exe
[2013.08.01 17:28:46 | 006,710,244 | ---- | M] () -- \Users\Grejtak\Documents\Programy\nero 10\Crack-Nero-10.6.11300.exe
[2012.10.31 21:04:00 | 007,082,092 | ---- | M] () -- \Users\Grejtak\Music\part 2\15. Norman Doray ft. Andreas Moe - Cracks.mp3

< *keygen* /s >
[2004.04.13 02:24:14 | 000,091,136 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\Unreal Tournament 2004\UT2004 Keygen (XP only).exe

< *loader* /s >
[2013.09.13 19:51:30 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.08.23 10:07:00 | 000,053,248 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\Koan\pyloader.dll
[2011.03.22 11:42:38 | 000,015,118 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2011.03.22 11:42:38 | 000,175,200 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2010.09.08 15:53:28 | 000,167,720 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderC3S.dll
[2010.09.08 15:53:28 | 002,525,480 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2013.02.09 03:39:28 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_main.fen
[2011.01.31 03:11:32 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011.01.31 03:06:58 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2010.10.15 04:58:52 | 000,001,012 | R--- | M] () -- \Program Files (x86)\HP Games\onplay\downloader_bg_400.gif
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2011.02.16 22:13:02 | 000,411,888 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\WTDownloader.exe
[2010.11.03 23:17:00 | 000,002,193 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2011.02.16 21:02:14 | 000,009,072 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010.11.03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010.03.24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.09.23 00:49:56 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.09.23 00:49:57 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013.09.23 00:49:59 | 001,183,660 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013.09.23 00:49:59 | 000,006,274 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013.09.23 00:49:59 | 000,005,853 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.09.23 00:50:00 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2013.08.22 19:01:26 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.09.25 16:25:58 | 000,003,208 | ---- | M] () -- \Users\Grejtak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\skin\ajax-loader.gif
[2013.09.25 16:25:59 | 000,000,808 | ---- | M] () -- \Users\Grejtak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2013.122.3.1_0\javascript\delayed-loader.js
[2012.11.14 12:41:38 | 000,234,616 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\BB_AC3\Assassins-Creed.3.CRACK.FIX-SKIDROW\ubiorbitapi_r2_loader.dll
[2012.11.18 23:58:16 | 000,003,584 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\BB_AC3\Assassins-Creed.3.CRACK.FIX-SKIDROW\uplay_r1_loader.dll
[2007.09.17 05:50:38 | 000,169,384 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\Counter-Strike_Miloš\cstrike\models\qloader.mdl
[2007.10.12 13:08:58 | 000,352,548 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\Counter-Strike_Miloš\valve\models\loader.mdl
[2007.10.12 13:10:00 | 000,012,764 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\Counter-Strike_Miloš\valve\sound\ambience\loader_hydra1.wav
[2007.10.12 13:10:00 | 000,012,164 | ---- | M] () -- \Users\Grejtak\Documents\Games for install\Counter-Strike_Miloš\valve\sound\ambience\loader_step1.wav
[2012.05.16 22:43:52 | 009,580,713 | ---- | M] () -- \Users\Grejtak\Music\Lukas_ music\Far East Movement ft. Justin Bieber - Live My Life (CDQ) (SuntUploader@www.mp3md.org).mp3
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.02.02 15:31:20 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2011.02.02 15:31:20 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 09:06:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.21 09:06:45 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2010.11.21 09:06:45 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2010.11.21 09:06:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2010.11.21 09:06:45 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011.09.07 19:33:22 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.09.07 19:33:22 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.09.07 19:33:22 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.09.07 19:33:22 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.09.07 19:33:22 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 09:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.09.07 19:33:17 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.09.07 19:33:17 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 19:52
od jossi9432
OTL Extras logfile created on: 25.9.2013 20:19:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Grejtak\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

7,95 Gb Total Physical Memory | 4,36 Gb Available Physical Memory | 54,86% Memory free
15,90 Gb Paging File | 11,97 Gb Available in Paging File | 75,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 912,89 Gb Total Space | 536,27 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
Drive D: | 18,32 Gb Total Space | 1,96 Gb Free Space | 10,68% Space Free | Partition Type: NTFS

Computer Name: GREJTAK_HP | User Name: Grejtak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22C66E6C-691E-4EB2-B1B5-3D114D7F5AB4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{25B4E0DE-6FC0-48D6-8780-8FB9FEC2583D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{268E4CF0-1911-45FA-BBFD-A80E89E92B54}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{302D6FFC-0FFA-440D-837B-E42212559C74}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3145DEB3-61D5-4814-B0DB-CC0D5B1C2CD6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{373C33FA-8090-4208-ADAB-19E404CA86DA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C92C726-867A-4238-ADA1-2A01FD6D5F8C}" = rport=445 | protocol=6 | dir=out | app=system |
"{3FF62339-F856-484D-B3AB-5A99A33D7B5B}" = lport=445 | protocol=6 | dir=in | app=system |
"{427D5C49-C7F2-4E13-8BD8-4C65B97DF444}" = rport=138 | protocol=17 | dir=out | app=system |
"{5493586C-0899-43D8-8723-B89C0EF76C39}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{612C9D73-DA12-40FE-882C-5A331D74D12F}" = lport=137 | protocol=17 | dir=in | app=system |
"{645104A5-FCF7-4108-96DC-62087C3DF760}" = lport=139 | protocol=6 | dir=in | app=system |
"{686F365A-49E7-4F98-ADFE-6258B6907CDD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6B2FD20A-D981-48D3-BD8C-1E1BFD752178}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6D7CA13D-0EB6-4F3A-8024-43B5E47C2C28}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FF0BA40-0B86-4EA1-AD5D-EA11B3E2DD7F}" = rport=137 | protocol=17 | dir=out | app=system |
"{77824C05-57A6-4FB5-861B-860D3C2D5A79}" = rport=139 | protocol=6 | dir=out | app=system |
"{A44DA88B-0623-4073-8ADA-1DAF863F70B8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AA9262BF-1FEE-4C71-BCA8-5B75F5282FED}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D1051352-8119-4757-A804-B9060D8BCFAF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D9F8A8A9-6B01-4652-9768-73DCDD5E6F91}" = lport=138 | protocol=17 | dir=in | app=system |
"{E1510471-2BF2-4402-8F79-49640F64BE1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2B155F6-E8D4-4653-AC19-7C796FC84152}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8852E1F-133B-45AF-9A3F-8F8707E0FFFA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FDB6050-0ED9-4DC2-9C91-04BE4044AF45}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{107F8666-9E81-425D-AD66-845ADD16028F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{10D5E9A5-3E50-4691-BC00-B5B764331D40}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{156B93E5-8B9D-4458-AC3C-DEC7894FE094}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DD38D84-44F8-46BA-AEEF-2D1D5E1C1163}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{252DD0BA-CBF3-4A87-AFC9-071723CAE2A0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26B581FC-960E-45CD-89A9-F7FDD857185B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2ABD1ED8-8EF0-4C22-A597-7A39D733A3AB}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{35981683-2DE8-45FB-BE0F-495FCC6B30A4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3AA23491-CFCC-47CE-8CF0-6E87AEBD4922}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{401E598A-EB10-41E5-BB34-BB9146B16B6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{43A121A0-A9CE-4E34-916D-F2632A3DA689}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{45AADFE5-AFAB-43A5-8781-96AF559891FC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{532DD596-C223-4D8C-B843-146A62D7798F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5443AB6F-02F0-44E5-8D7F-1527A5375A43}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{5490BEF9-DFEA-47DB-BF61-F1D9CA1D7E92}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{59DFA420-480A-4ABE-8FAA-2145BE5B136D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5C1A5BF6-679D-4409-889F-D5173EE0D185}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5D87380E-9A01-4C23-817E-DC1997624643}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6D709E8C-F583-4A81-AC50-FB18C4795E95}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6FF7CAA4-56D0-4AEA-81D5-7C7C234CA888}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{734DDDA2-8428-4AF1-BF26-8750A1C55D0B}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{7E87F309-081C-4E1E-995E-C98643B84573}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{80D51258-440D-4AA9-B3F9-DA7CBD6F2523}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8CDB26C8-283D-4CFE-A933-BB0D0B6F292D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8D2D2F85-0365-4E91-9330-32EACB64E635}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D8B4252-D218-4C13-B3CA-CDBE28E90001}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8E30F14E-E1CE-4993-9C04-84345A7782B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAD77422-42B7-450E-9180-48FCEA17B3E2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{AB345155-06A8-41BF-9FBE-8C3CD83C678A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{ADD549ED-0262-4D4C-93AF-33B78FF06FA2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0F3D261-5601-43F1-849C-DCC1FD6E3FA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BB316B08-7F98-4DB6-93E6-523C1D523E45}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{BFA4BDE1-1924-4033-BEEC-885527B7887E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C83908C2-83C4-4CCF-95C5-8EF55079B21C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DCCA5EDA-EE9D-4A46-8C90-09C5092E5197}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{DD5D4D2E-32BA-44A7-9055-F2CD72554762}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DE69FDDE-810D-437C-8B39-E594B8EEFF3D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{DEB7B3DD-A4B3-45AF-B589-0EF0FF0A2A0D}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E1736D43-D02F-4478-A126-D3E579AF784C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{E2608AA8-0975-4FDC-A2B1-593565952266}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E466FDB6-12E3-4E4E-8472-508AE55B3A50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E7A0F12C-8DC0-4B76-B6B4-12FBD90A8925}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E85E11D4-857C-4EE1-BCE6-EC886FD5AFE0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{EDF66EE1-28C0-460A-9E83-06D511B4D854}" = protocol=6 | dir=out | app=system |
"{F0B57A0D-37AC-4CC5-83AF-7A9CA13DE45F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FD5A6ADE-A454-4B4E-91DC-FC886B54B908}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02270E3B-09BD-9606-F587-9D3E96F1A795}" = AMD Wireless Display v3.0
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{13351E83-6DCD-4E97-2A8C-5D496259A47F}" = AMD Catalyst Install Manager
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417040FF}" = Java 7 Update 40 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{399CCDB8-BD46-4ED6-872C-F19191938158}" = HP 3D DriveGuard
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4375AEB1-629A-EB53-3D07-42750D888DE2}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170400}" = Java SE Development Kit 7 Update 40 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{71056E41-7C9F-A061-0243-0E35C16ED4C0}" = AMD Media Foundation Decoders
"{79174AF2-6CB1-42F5-981E-66DCA49391D0}" = Validity WBF DDK
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A51507DC-52B6-188C-2F2C-DD0A77ADCEE3}" = AMD Accelerated Video Transcoding
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C0E7083D-9487-7796-E954-BFAE20D20F0F}" = AMD Wireless Display v3.0
"{C74080EA-F5BE-C7AC-AD62-2EE612925E02}" = AMD Drag and Drop Transcoding
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SynTPDeinstKey" = Synaptics TouchPad Driver
"WinRAR archiver" = WinRAR 5.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06A487E5-8E18-E4E3-F8C2-547701267556}" = CCC Help Thai
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{13743092-1FFF-E3BD-D2F3-4F2BC0459467}" = CCC Help Czech
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AE22540-5746-828D-48B0-11BAE054D4CF}" = CCC Help Norwegian
"{2C0EBF11-D3AD-FA82-42CC-69F78D6123DE}" = CCC Help Danish
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30081B52-9165-02CC-7308-70E828C506F8}" = CCC Help English
"{308D3D4E-4FCB-478E-988C-476B951A1C84}" = ESU for Microsoft Windows 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3A67A8E8-DCB5-3469-2473-AA6C9E019ADA}" = CCC Help Polish
"{3C5AB11A-2DDB-49E6-9FC0-CFD88A7DDFE4}" = HP Documentation
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{43DE641A-BD79-89FD-4381-3509242EF92C}" = CCC Help Chinese Standard
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{510FFC2B-F652-CC55-17EE-364BD377CD48}" = Catalyst Control Center Localization All
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{56F1CBE0-2A24-BBDF-E1B6-81E0258FB57B}" = Catalyst Control Center Graphics Previews Common
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5E63C0AB-19B0-47D4-842E-6B324EB0614B}" = HP Connection Manager
"{63059735-CA97-FDFB-0E7A-3B8D81572EFD}" = Application Profiles
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{651BFFD3-B8C4-9FB9-7F00-DDFA4858B72B}" = CCC Help Japanese
"{678649C5-4732-58EA-7BFA-F11103832FED}" = CCC Help Hungarian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FAF41F-C0BA-4B71-B3B9-639D30FFED88}" = HP Software Framework
"{6AEBA6E9-D5C9-D65E-8846-84DDEFAA41F7}" = CCC Help French
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A95BACD-2386-4777-3408-4D2C0C1FBD4A}" = CCC Help Russian
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D66971C-652B-4065-A6B1-B3EE313C254B}" = BlueJ
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8870E4F7-BF68-C89E-0AFC-73BABF041809}" = Catalyst Control Center
"{888141F1-B23D-DC2E-EEF9-D640DD550D90}" = CCC Help Dutch
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A68C91B5-CA21-0420-B52D-0D5F640A757F}" = CCC Help Chinese Traditional
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BA963C2E-58C2-2F42-69BB-1628CEDED569}" = CCC Help Turkish
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD30A6D3-5E98-F387-1E67-5C34DB1CCB8B}" = CCC Help German
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" = SearchNewTab
"{CAD63811-258C-AA11-9636-2C11CFC36E60}" = CCC Help Korean
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D060CBC8-FFE0-F89B-02F4-E7E2F5ED3B0E}" = CCC Help Spanish
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DD82270D-D9B1-2DF8-18DB-E40F2610DF3C}" = CCC Help Swedish
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EA771C1C-14CA-7987-312D-0F1A29844BEA}" = CCC Help Greek
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF8C0DB9-9B9B-D2B2-F06E-7B377AB675D7}" = CCC Help Portuguese
"{F02A2511-AE54-B4E6-570D-E4AB47EB2918}" = CCC Help Finnish
"{F056BE6D-E42E-1914-CF64-24CE44D61F0B}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = KMP Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Battlelog Web Plugins" = Battlelog Web Plugins
"Bloody3" = Bloody4
"EasyBits Magic Desktop" = Magic Desktop
"ESN Sonar-0.70.4" = ESN Sonar
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"NIS" = Norton Internet Security
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"SP_289822ec" = Ss-Helper 1.74
"SP_4e24eecb" = Search Assistant WebSearch 1.74
"The KMPlayer" = The KMPlayer (remove only)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"WT089504" = Final Drive Nitro

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25.9.2013 11:08:36 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 7040
Description =

Error - 25.9.2013 11:08:36 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 7042
Description =

Error - 25.9.2013 11:08:36 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 9002
Description =

Error - 25.9.2013 11:08:36 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 3029
Description =

Error - 25.9.2013 11:08:42 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25.9.2013 11:08:48 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 3029
Description =

Error - 25.9.2013 11:08:48 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 3028
Description =

Error - 25.9.2013 11:08:48 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 3058
Description =

Error - 25.9.2013 11:08:48 | Computer Name = Grejtak_HP | Source = Windows Search Service | ID = 7010
Description =

Error - 25.9.2013 11:21:11 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 19.9.2013 16:07:38 | Computer Name = Grejtak_HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091319100703.xml
File not created by asset agent

[ HP Connection Manager Events ]
Error - 21.9.2013 14:33:44 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:33:44.337|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:33:45 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:33:45.671|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:33:55 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:33:55.671|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:34:05 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:34:05.671|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:34:15 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:34:15.672|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:34:35 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:34:35.671|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:34:44 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:34:44.338|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:34:45 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:34:45.670|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:34:55 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:34:55.668|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 21.9.2013 14:35:05 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2013/09/21 20:35:05.669|00001484|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ System Events ]
Error - 25.9.2013 7:22:19 | Computer Name = Grejtak_HP | Source = DCOM | ID = 10010
Description =

Error - 25.9.2013 7:23:42 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby WinRing0_1_2_0 zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 25.9.2013 11:07:21 | Computer Name = Grejtak_HP | Source = DCOM | ID = 10010
Description =

Error - 25.9.2013 11:08:48 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search bola ukončená s chybou služby %%-1073473535.

Error - 25.9.2013 11:08:48 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 25.9.2013 11:08:57 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby WinRing0_1_2_0 zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 25.9.2013 11:09:19 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7032
Description = Správca riadenia služieb sa po neočakávanom ukončení služby Windows
Search pokúsil vykonať opravnú akciu (Reštartovať službu), ale táto činnosť zlyhala
s nasledujúcou chybou: %%1056


< End of report >

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 20:23
od vyosek
:arrow: Dovolim si otazku, ma cenu lecit PC, ktere si uzivatel s prominutim zaliska hned vlastni blbosti zpatky diky crackum\keygenum a podobnym "dobrotami" Nehlede na porusovani autorskeho zakona :???: :???:

:arrow: A co udelame s temi nelegalnimi Office, nase forum nepodporuje SW piratstvi :?:

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 20:28
od jossi9432
Ak ten Office odinstalujem,tak by sa dalo s tym nieco robit dalej?

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 20:45
od jossi9432
tak uz som ho vymazal a uz asi tam nemam nic nelegalne

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 20:45
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{1E730549-9B74-45EA-A304-35F48E05FCB7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=7 ... Z&unqvl=36
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.oversearch.info/?l=1&q={searchTerms}&pid=725&r=2013/09/25&hid=6657482360848152290&lg=EN&cc=CZ&unqvl=36
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=7 ... Z&unqvl=36
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.oversearch.info/?l=1&q={searchTerms}&pid=725&r=2013/09/25&hid=6657482360848152290&lg=EN&cc=CZ&unqvl=36
O2 - BHO: (SearchNewTab) - {FB5CD04E-09F9-81AD-FFBC-CDC909EFB731} - C:\ProgramData\SearchNewTab\JSc4U2LL.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~2\ss-hel~1\sprote~1.dll) - c:\Program Files (x86)\Ss-Helper\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\Program Files (x86)\WebSearch\sprotector.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{64853f43-22f6-11e3-aec4-402cf425d2b4}\Shell - "" = AutoRun
[2013.09.25 16:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchNewTab
[2013.09.25 16:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSearch
[2013.09.21 16:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2013.09.21 16:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PANDORA.TV
[2013.09.25 17:22:52 | 000,614,400 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2013.09.25 17:22:52 | 000,000,204 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2013.09.25 17:22:52 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[5 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2013.09.25 17:22:52 | 000,000,204 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2013.09.25 17:08:42 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.25 20:09:00 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.09.25 10:22:35 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForGrejtak.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

:files
C:\ProgramData\SearchNewTab
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 21:07
od jossi9432
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1E730549-9B74-45EA-A304-35F48E05FCB7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E730549-9B74-45EA-A304-35F48E05FCB7}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-4204391165-3645872910-4001035389-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4204391165-3645872910-4001035389-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4204391165-3645872910-4001035389-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB5CD04E-09F9-81AD-FFBC-CDC909EFB731}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5CD04E-09F9-81AD-FFBC-CDC909EFB731}\ deleted successfully.
C:\ProgramData\SearchNewTab\JSc4U2LL.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
File Protocol\Handler\ms-help - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\ss-hel~1\sprote~1.dll deleted successfully.
c:\Program Files (x86)\Ss-Helper\sprotector.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\websea~1\sprote~1.dll deleted successfully.
c:\Program Files (x86)\WebSearch\sprotector.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64853f43-22f6-11e3-aec4-402cf425d2b4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64853f43-22f6-11e3-aec4-402cf425d2b4}\ not found.
C:\ProgramData\SearchNewTab folder moved successfully.
C:\Program Files (x86)\WebSearch folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV\PanService folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV folder moved successfully.
C:\Program Files (x86)\PANDORA.TV\PanService folder moved successfully.
C:\Program Files (x86)\PANDORA.TV folder moved successfully.
C:\Windows\AutoKMS.exe moved successfully.
C:\Windows\Tasks\AutoKMS.job moved successfully.
C:\Windows\AutoKMS.ini moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31E8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A46.tmp\System.Deployment.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A46.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\tmp000.tmp folder deleted successfully.
C:\Windows\Temp\~1FE0.tmp deleted successfully.
C:\Windows\Temp\~B1E2.tmp deleted successfully.
C:\Windows\Temp\~BFD7.tmp deleted successfully.
C:\Windows\Temp\~C4F5.tmp deleted successfully.
C:\Windows\Temp\~C939.tmp deleted successfully.
C:\Windows\Temp\~D8A4.tmp deleted successfully.
File C:\Windows\Tasks\AutoKMS.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\HPCeeScheduleForGrejtak.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
File\Folder C:\ProgramData\SearchNewTab not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: ADMINI~1
->Temp folder emptied: 30464 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: Grejtak
->Temp folder emptied: 9327866 bytes
->Temporary Internet Files folder emptied: 1105201 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 372868371 bytes
->Flash cache emptied: 470 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16104 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50453 bytes
RecycleBin emptied: 516778 bytes

Total Files Cleaned = 366,00 mb


[EMPTYFLASH]

User: ADMINI~1

User: All Users

User: Default

User: Default User

User: Grejtak
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: ADMINI~1

User: All Users

User: Default

User: Default User

User: Grejtak
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09252013_214918

Files\Folders moved on Reboot...
C:\Users\Grejtak\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 21:10
od vyosek
Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|

Re: Preventivna kontrola logu

Napsal: 25 zář 2013 21:46
od jossi9432
Uz je to v pohode,dakujem velmi pekne

Re: Preventivna kontrola logu

Napsal: 26 zář 2013 05:57
od vyosek
Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat :lock:
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz