preventivna kontrola

Zpráva

Lubos226 · #1 Příspěvek od **Lubos226** » 11 říj 2011 01:01

prosim vas o preventivnu kontrolu ci nahodou nemam dake zbytocne sluzby/ programy pri spusteni a pod.
dakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lubos at 2011-10-11 01:44:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 42 GB (10%) free of 432 GB
Total RAM: 3828 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:44:59, on 11. 10. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\QIP\qip.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Lubos\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\trend micro\Lubos.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: IEPwdBankBHO - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [VitaKeyTSR] "C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-325939665-3490199189-181498114-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-325939665-3490199189-181498114-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... pirexe.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Data Security Service - Egis Technology Inc. - C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
O23 - Service: EgisTec Service - Egis Technology Inc. - C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
O23 - Service: EgisTec Service Help - Egis Technology Inc. - C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtLedService Installer (RtLedService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtLED\RtLEDService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17063 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe"
"C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe"
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 35046992
\??\C:\windows\system32\conhost.exe "165010620-402908286-1254437347-823724121-28502599111559006461805366465-37850576
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Realtek\RtLED\RtLEDService.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\Realtek\RtLED\RtLED.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
System32\TPHDEXLG64.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3784
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files (x86)\QIP\qip.exe"
"taskhost.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Lubos\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe62_ Global\UsGthrCtrlFltPipeMssGthrPipe62 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Lubos\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\AutoKMS.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Lubos\AppData\Roaming\Mozilla\Firefox\Profiles\5g5d66yp.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NpFv530.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-10 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll [2011-06-28 241464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56CBB761-DA41-4E31-B270-B13B4B0A61D0}]
IEPwdBankBHO Class - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll [2010-05-28 53616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-09 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-04-21 1535808]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll [2011-06-28 696000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-02 10821224]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-03-29 2598280]
"TpShocks"=C:\Windows\System32\TpShocks.exe [2010-03-15 231328]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-04-12 4462496]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-18 7056800]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-08-31 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-08-31 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-08-31 416024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-12-21 909696]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Lubos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-09 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2011-08-22 103536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lubos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KN StrongDC.lnk]
C:\PROGRA~1\KN_STR~1\StrongDC.exe [2008-07-15 3361792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2009-09-30 111640]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2010-01-15 536576]
"VitaKeyTSR"=C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [2010-05-28 376176]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"YouCam Mirror Tray icon"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-03-03 171104]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"PLTSR"=C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [2010-09-11 364400]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-08-31 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
EgisPwdFilter
EgisDSPwdFilter
EgisPLPwdFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe"="C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe"="C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2011-10-11 01:44:53 ----D---- C:\rsit
2011-10-11 01:44:53 ----D---- C:\Program Files\trend micro
2011-10-10 21:05:45 ----D---- C:\Users\Lubos\AppData\Roaming\ProgSense
2011-10-10 21:05:40 ----D---- C:\Users\Lubos\AppData\Roaming\GrabPro
2011-10-10 21:05:33 ----D---- C:\Users\Lubos\AppData\Roaming\Orbit
2011-10-10 21:05:33 ----D---- C:\Program Files (x86)\Orbitdownloader
2011-10-08 13:51:07 ----A---- C:\windows\SYSWOW64\unins000.exe
2011-10-08 13:51:07 ----A---- C:\windows\SYSWOW64\unins000.dat
2011-10-08 13:51:07 ----A---- C:\windows\SYSWOW64\camcodec.dll
2011-10-08 13:50:48 ----D---- C:\Program Files (x86)\CamStudio
2011-10-04 12:07:30 ----D---- C:\windows\pss
2011-10-04 10:50:40 ----D---- C:\Users\Lubos\AppData\Roaming\VMware
2011-10-04 10:44:19 ----A---- C:\windows\system32\drivers\vmx86.sys
2011-10-04 10:43:49 ----A---- C:\windows\SYSWOW64\vmnetdhcp.exe
2011-10-04 10:43:45 ----A---- C:\windows\SYSWOW64\vmnat.exe
2011-10-04 10:43:45 ----A---- C:\windows\system32\drivers\vmnetuserif.sys
2011-10-04 10:43:41 ----A---- C:\windows\system32\vnetlib64.dll
2011-10-04 10:43:36 ----A---- C:\windows\system32\drivers\VMkbd.sys
2011-10-04 10:43:36 ----A---- C:\windows\system32\drivers\hcmon.sys
2011-10-04 10:42:30 ----D---- C:\ProgramData\VMware
2011-10-04 10:42:30 ----D---- C:\Program Files (x86)\VMware
2011-10-04 10:41:46 ----D---- C:\Program Files\Common Files\VMware
2011-10-04 09:38:11 ----A---- C:\windows\system32\drivers\VBoxDrv.sys
2011-10-04 09:38:08 ----A---- C:\windows\system32\drivers\VBoxUSBMon.sys
2011-10-03 16:41:58 ----A---- C:\windows\system32\drivers\VBoxNetAdp.sys
2011-09-29 15:25:43 ----D---- C:\Program Files (x86)\WinSCP
2011-09-29 08:58:49 ----D---- C:\ProgramData\Intel
2011-09-27 21:13:43 ----D---- C:\windows\Prince of Persia Warrior Within dir
2011-09-27 21:13:43 ----A---- C:\windows\impborl.dll
2011-09-27 21:13:43 ----A---- C:\windows\flashax.exe
2011-09-26 05:41:52 ----D---- C:\ProgramData\Microsoft Visual Studio
2011-09-26 02:09:23 ----D---- C:\ProgramData\PreEmptive Solutions
2011-09-26 02:05:35 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2011-09-26 02:05:30 ----D---- C:\Program Files\IIS
2011-09-26 02:05:30 ----D---- C:\Program Files (x86)\IIS
2011-09-26 01:57:48 ----D---- C:\Program Files (x86)\Microsoft F#
2011-09-26 01:57:48 ----D---- C:\Program Files (x86)\HTML Help Workshop
2011-09-24 09:29:34 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-09-23 18:57:16 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2011-09-23 18:57:16 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2011-09-23 18:57:16 ----A---- C:\windows\system32\d3dx10_39.dll
2011-09-23 18:57:16 ----A---- C:\windows\system32\D3DCompiler_39.dll
2011-09-23 18:57:14 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2011-09-23 18:57:14 ----A---- C:\windows\system32\D3DX9_39.dll
2011-09-23 16:34:24 ----D---- C:\windows\SYSWOW64\xlive
2011-09-23 15:22:32 ----D---- C:\Program Files\KN_StrongDC
2011-09-22 14:07:27 ----D---- C:\ProgramData\TmForever
2011-09-22 14:00:42 ----D---- C:\Program Files (x86)\TmNationsForever
2011-09-20 11:02:39 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2011-09-15 08:23:49 ----A---- C:\windows\SYSWOW64\SQSRVRES.DLL
2011-09-15 08:23:49 ----A---- C:\windows\SYSWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll
2011-09-14 17:13:08 ----D---- C:\Users\Lubos\AppData\Roaming\InstallShield
2011-09-14 14:28:52 ----A---- C:\windows\SYSWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2011-09-14 14:26:55 ----D---- C:\windows\SYSWOW64\1033
2011-09-14 14:26:55 ----D---- C:\windows\system32\1033
2011-09-14 14:26:55 ----D---- C:\Program Files\Microsoft SQL Server
2011-09-14 14:22:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2011-09-14 14:22:00 ----D---- C:\Program Files\Microsoft SDKs
2011-09-14 14:21:54 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2011-09-12 19:09:14 ----D---- C:\Program Files (x86)\Mozilla Sunbird-hokej
2011-09-12 19:08:59 ----D---- C:\Users\Lubos\AppData\Roaming\DivX
2011-09-12 19:07:57 ----D---- C:\Program Files\DivX
2011-09-12 18:57:04 ----D---- C:\Program Files (x86)\DivX
2011-09-12 18:53:12 ----D---- C:\ProgramData\DivX

======List of files/folders modified in the last 1 month======

2011-10-11 01:45:00 ----D---- C:\windows\Temp
2011-10-11 01:44:53 ----RD---- C:\Program Files
2011-10-11 01:39:50 ----D---- C:\Lubos
2011-10-11 01:37:17 ----D---- C:\Users\Lubos\AppData\Roaming\codeblocks
2011-10-11 00:24:30 ----D---- C:\Users\Lubos\AppData\Roaming\Skype
2011-10-10 23:44:18 ----SHD---- C:\System Volume Information
2011-10-10 23:43:55 ----SHD---- C:\windows\Installer
2011-10-10 23:40:43 ----D---- C:\games
2011-10-10 23:26:25 ----D---- C:\Downloads
2011-10-10 22:30:56 ----RD---- C:\Program Files (x86)
2011-10-10 15:34:50 ----D---- C:\windows\system32\config
2011-10-10 08:12:42 ----D---- C:\windows\System32
2011-10-10 08:12:42 ----D---- C:\windows\inf
2011-10-10 08:12:42 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-10-10 08:04:57 ----D---- C:\Windows
2011-10-10 08:03:02 ----A---- C:\windows\SYSWOW64\log.txt
2011-10-10 08:01:31 ----D---- C:\ProgramData\NVIDIA
2011-10-10 07:58:45 ----D---- C:\windows\Prefetch
2011-10-09 21:13:40 ----D---- C:\windows\system32\catroot2
2011-10-08 17:14:30 ----D---- C:\music
2011-10-08 14:29:48 ----D---- C:\windows\system32\Tasks
2011-10-08 13:51:07 ----D---- C:\windows\SysWOW64
2011-10-05 07:54:04 ----D---- C:\windows\winsxs
2011-10-05 07:53:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-04 19:02:45 ----D---- C:\Users\Lubos\AppData\Roaming\MiniLyrics
2011-10-04 18:43:01 ----D---- C:\windows\system32\drivers
2011-10-04 17:58:57 ----D---- C:\windows\system32\catroot
2011-10-04 11:19:23 ----DC---- C:\windows\system32\DRVSTORE
2011-10-04 11:19:22 ----D---- C:\windows\system32\DriverStore
2011-10-04 10:43:18 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2011-10-04 10:42:58 ----D---- C:\windows\SYSWOW64\drivers
2011-10-04 10:42:30 ----D---- C:\ProgramData
2011-10-04 10:42:30 ----D---- C:\Program Files (x86)\Common Files
2011-10-04 10:41:46 ----D---- C:\Program Files\Common Files
2011-10-03 18:29:37 ----D---- C:\fotky
2011-10-03 11:37:42 ----D---- C:\film
2011-10-02 17:10:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-09-30 22:24:35 ----D---- C:\Program Files (x86)\JDownloader
2011-09-29 08:55:54 ----D---- C:\windows\SYSWOW64\NV
2011-09-29 08:55:53 ----D---- C:\windows\system32\NV
2011-09-28 17:56:02 ----A---- C:\windows\system32\MRT.exe
2011-09-28 17:55:48 ----D---- C:\Program Files (x86)\Intel
2011-09-26 16:19:47 ----D---- C:\windows\Microsoft.NET
2011-09-26 16:19:45 ----RSD---- C:\windows\assembly
2011-09-26 02:10:36 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2011-09-26 02:10:25 ----D---- C:\Program Files (x86)\Microsoft SDKs
2011-09-26 02:09:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-09-26 02:07:58 ----D---- C:\Program Files\MSBuild
2011-09-26 02:04:46 ----SD---- C:\Users\Lubos\AppData\Roaming\Microsoft
2011-09-26 02:04:46 ----SD---- C:\ProgramData\Microsoft
2011-09-26 01:57:48 ----D---- C:\Program Files (x86)\MSBuild
2011-09-23 10:47:43 ----D---- C:\Users\Lubos\AppData\Roaming\vlc
2011-09-21 18:53:33 ----RD---- C:\Users
2011-09-21 18:53:26 ----HD---- C:\windows\system32\GroupPolicyUsers
2011-09-20 21:26:36 ----D---- C:\Users\Lubos\AppData\Roaming\mIRC
2011-09-18 12:09:50 ----D---- C:\Users\Lubos\AppData\Roaming\Vso
2011-09-17 18:02:02 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2011-09-17 15:53:02 ----D---- C:\windows\debug
2011-09-17 09:05:32 ----D---- C:\windows\ModemLogs
2011-09-15 08:26:43 ----D---- C:\ProgramData\Microsoft Help
2011-09-15 08:22:36 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-09-15 08:21:20 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2011-09-14 17:13:12 ----D---- C:\Program Files (x86)\Broadcom Wireless

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-08-03 27240]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Shockprf;Shockprf; C:\windows\System32\DRIVERS\Apsx64.sys [2009-12-09 135264]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-08-10 526392]
R0 TPDIGIMN;TPDIGIMN; C:\windows\System32\DRIVERS\ApsHM64.sys [2009-12-09 23648]
R0 vmci;VMware VMCI Bus Driver; C:\windows\system32\DRIVERS\vmci.sys [2011-08-08 116336]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 EgisTecFF;EgisTecFF; C:\windows\system32\DRIVERS\EgisTecFF.sys [2011-01-30 55880]
R1 mwlPSDFilter;mwlPSDFilter; C:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-01-30 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-01-30 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-01-30 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys); C:\windows\System32\Drivers\FPSensor.sys [2011-01-30 35888]
R2 hcmon;VMware hcmon; \??\C:\windows\system32\drivers\hcmon.sys [2011-08-21 39024]
R2 VMnetBridge;VMware Bridge Protocol; C:\windows\system32\DRIVERS\vmnetbridge.sys [2011-08-22 45680]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\windows\system32\drivers\vmnetuserif.sys [2011-08-22 30320]
R2 vmx86;VMware vmx86; \??\C:\windows\system32\drivers\vmx86.sys [2011-08-22 62064]
R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-08 33392]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-02-02 3058168]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-03-26 162304]
R3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-08-31 12306848]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-06-02 2392296]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\windows\system32\DRIVERS\teamviewervpn.sys [2011-03-30 35112]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2010-03-18 215168]
R3 vmkbd;VMware kbd; \??\C:\windows\system32\drivers\VMkbd.sys [2011-08-22 32880]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\windows\system32\DRIVERS\vmnetadapter.sys [2011-08-22 20080]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-24 243744]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vmusb;VMware USB Client Driver; C:\windows\System32\Drivers\vmusb.sys [2011-08-21 37680]
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-04-20 903456]
R2 EgisTec Data Security Service;EgisTec Data Security Service; C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe [2010-05-28 314736]
R2 EgisTec Service Help;EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-09-11 327024]
R2 EgisTec Service;EgisTec Service; C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe [2010-05-28 709488]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2011-08-03 980072]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2011-06-21 66872]
R2 RtLedService;RtLedService Installer; C:\Program Files\Realtek\RtLED\RtLEDService.exe [2010-02-05 311296]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 154968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\windows\System32\TPHDEXLG64.exe [2009-12-09 47712]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2011-08-22 79872]
R2 VMnetDHCP;VMware DHCP Service; C:\windows\syswow64\vmnetdhcp.exe [2011-08-22 354416]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-21 846448]
R2 VMware NAT Service;VMware NAT Service; C:\windows\syswow64\vmnat.exe [2011-08-22 432752]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-08-22 11837440]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-06-10 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-06-09 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 11 říj 2011 05:38

Zdravím.

Inu jako první se musím zeptat:

Windows jsou legální? A jak je to s produkty Microsoft Office?!

Lubos226 · #3 Příspěvek od **Lubos226** » 11 říj 2011 12:55

oba produkty boli dodané už s NTB

#4 Příspěvek od **Mc_Murphy** » 11 říj 2011 13:36

Na to jsem se neptal.

Stáhni a ulož na Plochu http://jpshortstuff.247fixes.com/SystemLook.exe nebo http://images.malwareremoval.com/jpshor ... emLook.exe

Dvojklikem na ikonu program spusť.
Do bílého okénka zkopíruj text z následujícího bílého pole.

Kód: Vybrat vše

:filefind
autokms.exe

Klikni na Look, po dokončení skenu na Tebe vyskočí log, zkopíruj mi ho sem.
Log se také bude nacházet na Ploše, v souboru SystemLook.txt

Stáhni na Plochu utilitu CKScanner.

Spusť ji a klikni na Search for files.
Po dokončení scanu klikni na Save List to File a následně OK.
Na Ploše se vytvoří log s názvem ckfiles.txt, jeho obsah mi sem vlož.

Stáhni a spusť WVCheck.exe nebo WVCheck.zip.

Stiskni klávesu [Enter].
Program začne prohledávat PC, délka skenování je závislá na počtu souborů ve Tvém PC.
Po dokončení skenování se Ti zobrazí log, který mi sem zkopíruj (log případně najdeš i na Ploše).

Čekám na tyto tři logy. Obrázek

Lubos226 · #5 Příspěvek od **Lubos226** » 11 říj 2011 14:50

System Look
SystemLook 30.07.11 by jpshortstuff
Log created at 15:31 on 11/10/2011 by Lubos
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "autokms.exe"
No files found.

-= EOF =-

CKScanner
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\jdownloader\jd\plugins\hoster\crackedcom.class
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrack.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
c:\users\lubos\documents\battlefield play4free\mods\main\cache\{d7b78e66-4306-11cf-e47c-5d19a2c2c535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
scanner sequence 3.ZZ.11.VANAON
----- EOF -----

VWCheck

Traceback (most recent call last):
File "<string>", line 367, in <module>
File "<string>", line 164, in main
File "<string>", line 267, in fullOSWalk
File "<string>", line 353, in checkDrives
File "C:\Documents and Settings\Olrik Lenstra\My Documents\WVCheckDev\build\pyi.win32\WVCheck\outPYZ1.pyz/wmi", line 794, in query
File "C:\Documents and Settings\Olrik Lenstra\My Documents\WVCheckDev\build\pyi.win32\WVCheck\outPYZ1.pyz/wmi", line 986, in query
File "C:\Documents and Settings\Olrik Lenstra\My Documents\WVCheckDev\build\pyi.win32\WVCheck\outPYZ1.pyz/wmi", line 495, in __init__
File "C:\Documents and Settings\Olrik Lenstra\My Documents\WVCheckDev\build\pyi.win32\WVCheck\outPYZ1.pyz/wmi", line 241, in handle_com_error
x_wmi: <x_wmi: Unexpected COM Error (-2147352567, 'Vyskytla sa v\xfdnimka.', (0, u'SWbemObjectEx', u'Generic failure ', None, 0, -2147217407), None)>

//EDIT:

Mc_Murphy píše:Na to jsem se neptal.

tym som chcel povedat: Ano vsetko mam legalne, windows a office som dostal rovno k ntb od predajcu

#6 Příspěvek od **Mc_Murphy** » 12 říj 2011 06:20

OK, tak pokračujeme.

Jako první v nabídce Přidat nebo odebrat programy odinstaluj všechny nepotřebné toolbary (DAEMON Tools Toolbar, Grab Pro, avast! WebRep)!

Potom fixni v HJT tyto položky:
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-325939665-3490199189-181498114-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\trend micro\Lubos.exe

Dále klikni na Start >> Spustit... (nebo Win+R) >> do okénka napiš services.msc >> [Enter]

Najdi služby:
Adobe LM Service
Adobe Acrobat Update Service (AdobeARMservice)
Google Updater Service (gusvc)
NVIDIA Display Driver Service (nvsvc)
NVIDIA Update Service Daemon (nvUpdatusService)
SwitchBoard

Klikni na ně pravým myšítkem, zvol Vlastnosti, na další kartě nejprve služby zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.

Až to všechno provedeš, hoď mi sem log z OTL a dočistíme.

Pro začátek stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*nocd* /s
*AutoKMS.* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

Lubos226 · #7 Příspěvek od **Lubos226** » 12 říj 2011 08:44

len daemon tools toolbar som mal moznost odinstalovat

ine toolbary tam neboli

log:

OTL logfile created on: 10/12/2011 8:17:43 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Lubos\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.74 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 38.07% Memory free
7.48 Gb Paging File | 4.46 Gb Available in Paging File | 59.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421.81 Gb Total Space | 44.35 Gb Free Space | 10.52% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.74 Gb Free Space | 95.66% Space Free | Partition Type: NTFS

Computer Name: A05-0336B | User Name: Lubos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/12 08:14:33 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Lubos\Desktop\OTL.exe
PRC - [2011/09/06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011/08/22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011/08/22 16:34:52 | 011,837,440 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
PRC - [2011/08/22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/06/21 15:47:52 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/03/31 16:48:36 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/10/29 17:12:32 | 003,330,560 | ---- | M] (The Author of QIP) -- C:\Program Files (x86)\QIP\qip.exe
PRC - [2010/09/11 13:49:56 | 000,364,400 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
PRC - [2010/09/11 13:49:40 | 000,327,024 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
PRC - [2010/05/28 05:14:52 | 000,376,176 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
PRC - [2010/05/28 05:14:02 | 000,709,488 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
PRC - [2010/05/28 05:13:38 | 000,314,736 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
PRC - [2010/04/20 15:29:08 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010/03/11 00:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 00:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/03 00:37:40 | 000,171,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
PRC - [2010/01/15 13:38:46 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331_STI.EXE
PRC - [2009/09/30 14:02:38 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 14:02:36 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

MOD - [2011/09/30 17:12:40 | 000,412,728 | ---- | M] () -- C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
MOD - [2011/09/30 17:12:39 | 003,696,184 | ---- | M] () -- C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
MOD - [2011/09/30 17:11:13 | 000,142,568 | ---- | M] () -- C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\avutil-51.dll
MOD - [2011/09/30 17:11:12 | 000,253,320 | ---- | M] () -- C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\avformat-53.dll
MOD - [2011/09/30 17:11:10 | 002,403,240 | ---- | M] () -- C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\avcodec-53.dll
MOD - [2011/09/29 22:06:57 | 008,587,936 | ---- | M] () -- C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
MOD - [2011/09/29 22:06:57 | 008,587,936 | ---- | M] () -- C:\Users\Lubos\AppData\Local\Google\Chrome\APPLIC~1\140835~1.202\gcswf32.dll
MOD - [2011/09/06 22:01:09 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
MOD - [2011/09/06 22:01:08 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
MOD - [2011/09/06 22:01:05 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\69d837670ac67c4776ea5a115d64a550\IAStorUtil.ni.dll
MOD - [2011/09/06 22:01:03 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/09/06 22:00:57 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/09/06 22:00:31 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/09/06 22:00:28 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/09/06 22:00:26 | 007,963,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/09/06 22:00:21 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/05/21 08:01:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/05/20 17:14:06 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\QIP\Plugins\docking.dll
MOD - [2010/04/14 10:20:44 | 000,655,360 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/20 15:29:08 | 000,903,456 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/02/05 16:43:20 | 000,311,296 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtLED\RtLEDService.exe -- (RtLedService)
SRV:64bit: - [2009/12/09 11:52:52 | 000,047,712 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/07/29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2011/08/22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/08/22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011/08/22 16:34:52 | 011,837,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2011/08/22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/08/21 23:11:28 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2011/08/15 16:18:12 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/08/03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/06/21 15:47:52 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/09/11 13:49:40 | 000,327,024 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe -- (EgisTec Service Help)
SRV - [2010/05/28 05:14:02 | 000,709,488 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe -- (EgisTec Service)
SRV - [2010/05/28 05:13:38 | 000,314,736 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe -- (EgisTec Data Security Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/30 14:02:38 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 14:02:36 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/03 16:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011/09/06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/09/06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/09/06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/09/06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/09/06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/09/06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/08/31 19:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/08/22 17:07:58 | 000,062,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011/08/22 17:06:46 | 000,032,880 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011/08/22 17:06:14 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011/08/22 15:12:26 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011/08/22 15:12:26 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011/08/21 23:11:26 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011/08/21 23:01:22 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2011/08/10 21:00:46 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/08/08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/08/03 13:50:00 | 000,027,240 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/03/30 13:05:55 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/30 06:36:55 | 000,055,880 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\EgisTecFF.sys -- (EgisTecFF)
DRV:64bit: - [2011/01/30 06:21:12 | 000,035,888 | ---- | M] (EgisTec) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV:64bit: - [2011/01/30 06:21:11 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011/01/30 06:21:11 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011/01/30 06:21:11 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/21 09:15:54 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/04/08 18:11:12 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/26 11:14:50 | 000,162,304 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/03/24 11:57:20 | 000,243,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/18 12:35:10 | 000,215,168 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 23:02:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/22 12:03:44 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/02 17:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/01/15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2010/01/15 08:23:20 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/01/15 08:23:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/01/15 08:23:10 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/12/09 11:52:28 | 000,023,648 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2009/12/09 11:52:22 | 000,135,264 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2009/10/19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com/
IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-325939665-3490199189-181498114-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Lubos\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Lubos\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lubos\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lubos\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\PROGRA~2\MOZILL~2\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF - HKCU\Software\MozillaPlugins\www.floatingminds.com/Tunnelers: C:\Users\Lubos\AppData\Local\Tunnelers\npTunnelers.dll (Floating Minds)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/09 15:16:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/10 12:53:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/09/12 19:09:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/20 11:55:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/14 09:20:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird-hokej\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird-hokej\plugins [2011/09/14 09:20:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/09/17 18:02:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011/09/14 09:20:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/09 15:16:56 | 000,000,000 | ---D | M]

[2011/06/14 22:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lubos\AppData\Roaming\mozilla\Extensions
[2011/06/14 22:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lubos\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/06/14 22:03:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lubos\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2011/10/11 02:06:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lubos\AppData\Roaming\mozilla\Firefox\Profiles\5g5d66yp.default\extensions
[2011/10/02 18:01:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lubos\AppData\Roaming\mozilla\Sunbird\Profiles\rtgva5ks.default\extensions
[2011/06/14 22:48:31 | 000,000,000 | ---D | M] (Provider for Google Calendar) -- C:\Users\Lubos\AppData\Roaming\mozilla\Sunbird\Profiles\rtgva5ks.default\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
[2011/08/30 13:14:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/08 14:30:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/04/14 19:01:40 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/13 19:00:52 | 001,480,192 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll
[2010/01/01 10:00:00 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
[2010/01/01 10:00:00 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
[2010/01/01 10:00:00 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
[2010/01/01 10:00:00 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
[2010/01/01 10:00:00 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sk.xml
[2010/01/01 10:00:00 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lubos\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Lubos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.53.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Lubos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.53.2_0\BP4FUpdater.exe
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Lubos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: Flatcast Viewer Plugin 5.3.0.752 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv530.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Lubos\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Lubos\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Lubos\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Battlefield Play4Free = C:\Users\Lubos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Lubos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2011/10/10 23:43:53 | 000,001,721 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 1 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (IEPwdBankBHO Class) - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll (Egis Technology Inc. )
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-325939665-3490199189-181498114-1002\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PLTSR] C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-325939665-3490199189-181498114-1002..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Len ... pirexe.cab (IASRunner Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.9.43 147.229.8.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D1E50AE-8445-4B5E-88B5-9A8EF465F590}: DhcpNameServer = 147.229.9.43 147.229.8.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73EA53DA-1E08-490D-B5F0-A65DEEEAFC87}: DhcpNameServer = 147.229.191.143 147.229.190.143
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.CSCD - C:\windows\SysWow64\camcodec.dll (RenderSoft Software)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FMVC - C:\windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.IV41 - C:\windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.VMnc - C:\windows\SysWow64\vmnc.dll (VMware, Inc.)
Drivers32: VIDC.WMV3 - C:\windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/10/12 08:14:30 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Lubos\Desktop\OTL.exe
[2011/10/11 02:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/10/11 01:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/10/11 01:44:53 | 000,000,000 | ---D | C] -- C:\rsit
[2011/10/11 01:40:17 | 000,000,000 | ---D | C] -- C:\Users\Lubos\Desktop\virtual linux
[2011/10/11 01:36:19 | 000,000,000 | ---D | C] -- C:\Users\Lubos\Desktop\hudba2
[2011/10/10 21:05:45 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\ProgSense
[2011/10/10 21:05:40 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\GrabPro
[2011/10/10 21:05:33 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\Orbit
[2011/10/10 00:44:27 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\Windows Live
[2011/10/10 00:44:27 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\{67206912-76F8-4CF5-B673-F5218319F8CD}
[2011/10/10 00:43:52 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\{7EC86A92-940B-4E98-A843-4CEB1A9A1BD1}
[2011/10/10 00:43:52 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\{179B2B2A-8037-40BA-B8E7-7DDC684BFAF8}
[2011/10/08 13:51:07 | 000,065,536 | ---- | C] (RenderSoft Software) -- C:\windows\SysWow64\camcodec.dll
[2011/10/08 13:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2011/10/08 13:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CamStudio
[2011/10/05 07:45:33 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2011/10/04 12:07:30 | 000,000,000 | ---D | C] -- C:\windows\pss
[2011/10/04 10:54:13 | 000,000,000 | ---D | C] -- C:\Users\Lubos\Documents\Virtual Machines
[2011/10/04 10:50:41 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\VMware
[2011/10/04 10:50:40 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\VMware
[2011/10/04 10:44:19 | 000,062,064 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\vmx86.sys
[2011/10/04 10:43:49 | 000,354,416 | ---- | C] (VMware, Inc.) -- C:\windows\SysWow64\vmnetdhcp.exe
[2011/10/04 10:43:45 | 000,432,752 | ---- | C] (VMware, Inc.) -- C:\windows\SysWow64\vmnat.exe
[2011/10/04 10:43:45 | 000,030,320 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\vmnetuserif.sys
[2011/10/04 10:43:41 | 000,942,192 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\vnetlib64.dll
[2011/10/04 10:43:36 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\hcmon.sys
[2011/10/04 10:43:36 | 000,032,880 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\VMkbd.sys
[2011/10/04 10:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2011/10/04 10:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2011/10/04 10:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2011/10/04 10:42:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2011/10/04 10:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2011/10/03 16:41:58 | 000,146,736 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\drivers\VBoxNetAdp.sys
[2011/09/29 15:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2011/09/29 15:25:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP
[2011/09/29 08:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2011/09/27 21:13:43 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\windows\flashax.exe
[2011/09/27 21:13:43 | 000,000,000 | ---D | C] -- C:\windows\Prince of Persia Warrior Within dir
[2011/09/26 05:53:37 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\assembly
[2011/09/26 05:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Visual Studio
[2011/09/26 02:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
[2011/09/26 02:09:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2011/09/26 02:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK
[2011/09/26 02:05:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2011/09/26 02:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2011/09/26 02:05:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2011/09/26 01:58:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2011/09/26 01:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft F#
[2011/09/26 01:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2011/09/26 01:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
[2011/09/26 01:57:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2011/09/24 17:13:54 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lara Croft and the Guardian of Light
[2011/09/24 09:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/09/24 09:29:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/09/23 18:57:16 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2011/09/23 18:57:16 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2011/09/23 18:57:16 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2011/09/23 18:57:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2011/09/23 18:57:14 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2011/09/23 18:57:14 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2011/09/23 16:59:07 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\Fallout3
[2011/09/23 16:34:24 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\xlive
[2011/09/23 15:22:33 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KN StrongDC
[2011/09/23 15:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\KN_StrongDC

Lubos226 · #8 Příspěvek od **Lubos226** » 12 říj 2011 08:44

[2011/09/22 14:07:27 | 000,000,000 | ---D | C] -- C:\Users\Lubos\Documents\TmForever
[2011/09/22 14:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TmForever
[2011/09/22 14:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
[2011/09/22 14:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TmNationsForever
[2011/09/21 00:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/09/20 22:12:55 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\Floating Minds
[2011/09/20 22:10:53 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tunnelers
[2011/09/20 22:10:48 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\Tunnelers
[2011/09/20 13:30:08 | 000,000,000 | ---D | C] -- C:\Users\Lubos\Desktop\Zimny semester
[2011/09/20 11:03:20 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Local\LogMeIn Hamachi
[2011/09/20 11:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/09/20 11:02:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011/09/15 08:23:49 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SQSRVRES.DLL
[2011/09/15 08:23:49 | 000,072,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll
[2011/09/14 17:13:08 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\InstallShield
[2011/09/14 14:28:52 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
[2011/09/14 14:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2011/09/14 14:26:55 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\1033
[2011/09/14 14:26:55 | 000,000,000 | ---D | C] -- C:\windows\SysNative\1033
[2011/09/14 14:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2011/09/14 14:23:31 | 000,000,000 | ---D | C] -- C:\Users\Lubos\Documents\Visual Studio 2008
[2011/09/14 14:22:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2011/09/14 14:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2011/09/14 14:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
[2011/09/14 14:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2011/09/12 19:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Sunbird-hokej
[2011/09/12 19:08:59 | 000,000,000 | ---D | C] -- C:\Users\Lubos\AppData\Roaming\DivX
[2011/09/12 19:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/09/12 19:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/09/12 19:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/09/12 18:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/09/12 18:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[6 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/12 08:20:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/10/12 08:14:33 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Lubos\Desktop\OTL.exe
[2011/10/12 08:05:00 | 000,000,946 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002UA.job
[2011/10/12 07:49:46 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/10/11 23:05:03 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002Core.job
[2011/10/11 20:02:13 | 000,890,002 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/10/11 20:02:13 | 000,729,816 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/10/11 20:02:13 | 000,151,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/10/11 19:42:26 | 004,997,289 | ---- | M] () -- C:\Users\Lubos\Desktop\die-antwoord-enter-the-ninja.mp3
[2011/10/11 19:42:02 | 003,403,055 | ---- | M] () -- C:\Users\Lubos\Desktop\Die-Antwoord-Rich-Bitch.mp3
[2011/10/11 17:35:24 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 17:35:24 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 17:32:08 | 000,007,602 | ---- | M] () -- C:\Users\Lubos\AppData\Local\resmon.resmoncfg
[2011/10/11 17:24:50 | 3010,797,568 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/11 15:47:06 | 003,427,103 | ---- | M] () -- C:\Users\Lubos\Desktop\WVCheck.zip
[2011/10/11 15:45:51 | 003,514,358 | ---- | M] () -- C:\Users\Lubos\Desktop\WVCheck.exe
[2011/10/11 15:37:33 | 000,459,264 | ---- | M] () -- C:\Users\Lubos\Desktop\CKScanner.exe
[2011/10/11 15:31:36 | 000,139,264 | ---- | M] () -- C:\Users\Lubos\Desktop\SystemLook.exe
[2011/10/11 01:44:31 | 000,935,175 | ---- | M] () -- C:\Users\Lubos\Desktop\RSITx64.exe
[2011/10/11 01:38:51 | 000,002,110 | ---- | M] () -- C:\Users\Lubos\Desktop\rozvrh - odkaz.lnk
[2011/10/11 01:38:41 | 000,002,116 | ---- | M] () -- C:\Users\Lubos\Desktop\vydavky - odkaz.lnk
[2011/10/10 23:56:07 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011/10/10 10:40:41 | 000,000,600 | ---- | M] () -- C:\Users\Lubos\AppData\Roaming\winscp.rnd
[2011/10/10 00:38:44 | 000,011,776 | ---- | M] () -- C:\Users\Lubos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/08 13:51:07 | 000,001,070 | ---- | M] () -- C:\windows\SysWow64\unins000.dat
[2011/10/08 13:51:02 | 000,695,578 | ---- | M] () -- C:\windows\SysWow64\unins000.exe
[2011/10/04 10:43:22 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011/10/04 10:43:18 | 000,894,988 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/10/04 10:43:15 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2011/10/03 16:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\drivers\VBoxNetAdp.sys
[2011/10/02 17:07:33 | 000,027,973 | ---- | M] () -- C:\Users\Lubos\AppData\Roaming\OFMissionEditorConfig.xml
[2011/09/30 22:57:40 | 000,000,600 | ---- | M] () -- C:\Users\Lubos\AppData\Local\PUTTY.RND
[2011/09/29 15:25:44 | 000,001,849 | ---- | M] () -- C:\Users\Lubos\Desktop\WinSCP.lnk
[2011/09/28 15:12:28 | 000,000,656 | ---- | M] () -- C:\Users\Lubos\Desktop\Vypinac.lnk
[2011/09/27 21:13:44 | 000,535,040 | ---- | M] (Microsoft Corporation) -- C:\windows\flashax.exe
[2011/09/27 21:13:43 | 000,012,288 | ---- | M] () -- C:\windows\impborl.dll
[2011/09/24 17:13:54 | 000,000,700 | ---- | M] () -- C:\Users\Lubos\Desktop\Lara Croft and the Guardian of Light.lnk
[2011/09/24 17:04:03 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/24 10:59:00 | 000,001,099 | ---- | M] () -- C:\Users\Lubos\Desktop\OFDR - odkaz.lnk
[2011/09/22 14:01:54 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2011/09/21 11:27:33 | 000,088,427 | ---- | M] () -- C:\Users\Lubos\Desktop\houpacka.jpg
[2011/09/21 00:42:41 | 000,000,534 | ---- | M] () -- C:\Users\Lubos\Desktop\bulanci - odkaz.lnk
[2011/09/20 22:10:53 | 000,001,983 | ---- | M] () -- C:\Users\Lubos\Desktop\Tunnelers.lnk
[2011/09/14 17:13:32 | 000,696,680 | ---- | M] () -- C:\windows\SysNative\oem13.inf
[2011/09/14 16:28:41 | 000,016,384 | ---- | M] () -- C:\Users\Lubos\Documents\rom-0
[6 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/12 08:20:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/10/11 19:42:06 | 004,997,289 | ---- | C] () -- C:\Users\Lubos\Desktop\die-antwoord-enter-the-ninja.mp3
[2011/10/11 19:41:55 | 003,403,055 | ---- | C] () -- C:\Users\Lubos\Desktop\Die-Antwoord-Rich-Bitch.mp3
[2011/10/11 15:47:05 | 003,427,103 | ---- | C] () -- C:\Users\Lubos\Desktop\WVCheck.zip
[2011/10/11 15:45:50 | 003,514,358 | ---- | C] () -- C:\Users\Lubos\Desktop\WVCheck.exe
[2011/10/11 15:37:33 | 000,459,264 | ---- | C] () -- C:\Users\Lubos\Desktop\CKScanner.exe
[2011/10/11 15:31:36 | 000,139,264 | ---- | C] () -- C:\Users\Lubos\Desktop\SystemLook.exe
[2011/10/11 01:44:30 | 000,935,175 | ---- | C] () -- C:\Users\Lubos\Desktop\RSITx64.exe
[2011/10/11 01:38:50 | 000,002,110 | ---- | C] () -- C:\Users\Lubos\Desktop\rozvrh - odkaz.lnk
[2011/10/11 01:38:41 | 000,002,116 | ---- | C] () -- C:\Users\Lubos\Desktop\vydavky - odkaz.lnk
[2011/10/08 13:51:07 | 000,695,578 | ---- | C] () -- C:\windows\SysWow64\unins000.exe
[2011/10/08 13:51:07 | 000,001,070 | ---- | C] () -- C:\windows\SysWow64\unins000.dat
[2011/10/04 10:43:22 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011/10/04 10:43:14 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2011/10/02 17:07:33 | 000,027,973 | ---- | C] () -- C:\Users\Lubos\AppData\Roaming\OFMissionEditorConfig.xml
[2011/09/29 15:25:45 | 000,000,600 | ---- | C] () -- C:\Users\Lubos\AppData\Roaming\winscp.rnd
[2011/09/29 15:25:44 | 000,001,849 | ---- | C] () -- C:\Users\Lubos\Desktop\WinSCP.lnk
[2011/09/28 15:12:28 | 000,000,656 | ---- | C] () -- C:\Users\Lubos\Desktop\Vypinac.lnk
[2011/09/27 21:13:43 | 000,012,288 | ---- | C] () -- C:\windows\impborl.dll
[2011/09/24 17:13:54 | 000,000,700 | ---- | C] () -- C:\Users\Lubos\Desktop\Lara Croft and the Guardian of Light.lnk
[2011/09/24 10:59:00 | 000,001,099 | ---- | C] () -- C:\Users\Lubos\Desktop\OFDR - odkaz.lnk
[2011/09/22 14:01:54 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2011/09/21 11:27:33 | 000,088,427 | ---- | C] () -- C:\Users\Lubos\Desktop\houpacka.jpg
[2011/09/21 00:42:41 | 000,000,534 | ---- | C] () -- C:\Users\Lubos\Desktop\bulanci - odkaz.lnk
[2011/09/20 22:10:53 | 000,001,983 | ---- | C] () -- C:\Users\Lubos\Desktop\Tunnelers.lnk
[2011/09/14 17:15:47 | 000,696,680 | ---- | C] () -- C:\windows\SysNative\oem13.inf
[2011/09/14 16:28:41 | 000,016,384 | ---- | C] () -- C:\Users\Lubos\Documents\rom-0
[2011/09/14 14:23:29 | 000,001,403 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 2008 Express Edition.lnk
[2011/09/06 22:51:25 | 000,000,600 | ---- | C] () -- C:\Users\Lubos\AppData\Local\PUTTY.RND
[2011/08/31 19:51:16 | 000,867,020 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011/08/31 19:51:16 | 000,128,204 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2011/08/31 19:51:16 | 000,105,608 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2011/08/31 19:26:20 | 013,903,872 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011/08/23 18:57:22 | 000,715,038 | ---- | C] () -- C:\windows\unins000.exe
[2011/08/23 18:57:22 | 000,002,265 | ---- | C] () -- C:\windows\unins000.dat
[2011/08/03 03:31:54 | 000,311,912 | ---- | C] () -- C:\windows\SysWow64\nvStreaming.exe
[2011/07/31 21:45:28 | 000,000,093 | ---- | C] () -- C:\Users\Lubos\AppData\Local\fusioncache.dat
[2011/07/31 21:39:40 | 000,894,988 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/07/31 12:30:42 | 000,000,000 | ---- | C] () -- C:\windows\PowerReg.dat
[2011/07/23 19:18:14 | 000,045,568 | ---- | C] () -- C:\windows\UniFish3.exe
[2011/06/22 14:20:39 | 000,011,742 | ---- | C] () -- C:\windows\scunin.dat
[2011/06/21 15:47:52 | 000,669,184 | ---- | C] () -- C:\windows\SysWow64\pbsvc.exe
[2011/06/14 09:30:16 | 000,103,736 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2011/06/14 09:30:13 | 000,066,872 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2011/06/13 10:23:41 | 000,000,132 | ---- | C] () -- C:\Users\Lubos\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2011/06/11 16:23:05 | 000,007,602 | ---- | C] () -- C:\Users\Lubos\AppData\Local\resmon.resmoncfg
[2011/06/11 16:21:08 | 000,011,776 | ---- | C] () -- C:\Users\Lubos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/09 14:57:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/06/09 13:46:59 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2011/05/24 13:03:24 | 000,276,232 | ---- | C] () -- C:\Users\Lubos\AppData\Local\ConduitInstaller.exe
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[2011/03/27 21:43:08 | 000,096,768 | ---- | C] () -- C:\Users\Lubos\AppData\Local\Bloson.exe
[2011/03/21 13:36:30 | 000,026,456 | ---- | C] () -- C:\Users\Lubos\AppData\Local\bloson.bmp
[2011/01/30 06:11:11 | 000,001,341 | ---- | C] () -- C:\windows\vm331Rmv.ini
[2010/11/13 12:14:46 | 000,062,648 | ---- | C] () -- C:\Users\Lubos\AppData\Local\toolbar3.bmp
[2010/11/12 12:09:56 | 000,195,108 | ---- | C] () -- C:\Users\Lubos\AppData\Local\lateral3.bmp
[2010/11/12 11:44:14 | 000,193,744 | ---- | C] () -- C:\Users\Lubos\AppData\Local\lateral1.bmp
[2010/11/12 11:10:58 | 000,193,744 | ---- | C] () -- C:\Users\Lubos\AppData\Local\lateral2.bmp
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009/07/13 23:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009/07/13 23:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009/07/13 23:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[1997/06/14 03:56:08 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\iyvu9_32.dll

========== LOP Check ==========

[2011/08/02 15:53:22 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\.minecraft
[2011/10/11 02:13:13 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\DAEMON Tools Lite
[2011/07/12 12:01:49 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\EditPlus 3
[2011/06/09 20:00:41 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\GHISLER
[2011/07/12 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Gmail Backup
[2011/07/12 10:00:46 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\go
[2011/10/10 21:05:40 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\GrabPro
[2011/06/09 16:05:41 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\kompozer.net
[2011/10/04 19:02:45 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\MiniLyrics
[2011/07/13 21:59:16 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Mp3tag
[2011/06/10 12:50:22 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Need for Speed World
[2011/06/09 16:42:48 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Nokia
[2011/06/09 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Nokia Ovi Suite
[2011/09/02 22:27:54 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Opera
[2011/10/11 02:06:30 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Orbit
[2011/06/10 11:23:32 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\PACE Anti-Piracy
[2011/08/17 19:01:55 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\PC Suite
[2011/07/13 08:25:23 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\PDF Writer
[2011/10/10 21:05:45 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\ProgSense
[2011/08/01 11:07:14 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\screenrecorder
[2011/06/10 11:24:31 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/07/31 22:26:13 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\SWiSH Max4
[2011/06/19 22:22:41 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\TeamViewer
[2011/06/14 22:15:26 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Thunderbird
[2011/09/18 12:09:50 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Vso
[2011/09/30 16:43:32 | 000,019,436 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CSRSS.EXE >
[2009/07/14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\windows\SysNative\csrss.exe
[2009/07/14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/01/30 13:23:43 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/01/30 13:14:58 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011/01/30 13:23:43 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2011/01/30 13:14:58 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011/01/30 13:23:43 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2011/01/30 13:14:58 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/01/30 13:23:43 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011/01/30 13:14:58 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\SysNative\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\windows\SysNative\drivers\ndis.sys
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NTFS.SYS >
[2010/11/20 15:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2011/01/30 13:32:08 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=1AD8FEF2D6AC7116B68B887A9782FD33 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16592_none_02584e6636a76a74\ntfs.sys
[2009/07/14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
[2011/03/11 08:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys
[2011/01/30 13:32:08 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=57CE88567C456E3E55070195BCA8C4C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20712_none_03386c774f8427dd\ntfs.sys
[2011/03/11 08:25:53 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys
[2011/03/11 08:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011/03/11 08:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\windows\SysNative\drivers\ntfs.sys
[2011/03/11 08:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\windows\SysNative\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2011/01/30 13:19:24 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[2009/07/14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010/11/20 15:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\windows\SysNative\spoolsv.exe
[2010/11/20 15:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2011/01/30 13:19:24 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2011/01/30 13:25:50 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2011/01/30 13:25:50 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\windows\SysNative\drivers\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011/01/30 13:23:43 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011/01/30 13:23:43 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2011/02/09 12:29:06 | 000,342,016 | ---- | M] (Hewlett-Packard Corporation) --
[2008/05/07 19:59:34 | 000,099,840 | ---- | M] (Hewlett-Packard Corporation) --
[2009/07/14 03:41:04 | 000,230,400 | ---- | M] (Hewlett-Packard Corporation) --
[2009/07/14 03:41:05 | 000,101,376 | ---- | M] (Hewlett-Packard Corporation) --
[2009/07/14 03:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2010/11/20 15:27:28 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009/07/14 04:30:16 | 000,003,584 | ---- | M] (Lexmark International Inc.) --

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2011/01/30 12:59:50 | 000,000,003 | ---- | M] () -- C:\windows\system32\drivers\17aa_Lenovo_V560_20069.MRK
[2009/06/10 23:14:29 | 003,440,660 | ---- | M] () -- C:\windows\system32\drivers\gm.dls
[2009/06/10 23:14:29 | 000,000,646 | ---- | M] () -- C:\windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011/10/11 17:27:29 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2011/10/08 13:51:07 | 000,001,070 | ---- | M] () -- C:\windows\system32\unins000.dat
[2011/10/08 13:51:02 | 000,695,578 | ---- | M] () -- C:\windows\system32\unins000.exe

< %systemroot%\system32\*.dll /lockedfiles >
[2011/06/11 15:00:50 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\dxtmsft.dll
[2011/06/11 15:00:50 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\dxtrans.dll
[2011/07/22 04:51:14 | 009,704,448 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\ieframe.dll
[2011/06/11 15:00:50 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\iepeers.dll

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[10 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011/08/02 15:53:22 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\.minecraft
[2011/08/26 10:15:41 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Adobe
[2011/08/27 08:37:48 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Adobe Mini Bridge CS5
[2011/10/11 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\codeblocks
[2011/06/09 13:37:17 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\CyberLink
[2011/10/11 02:13:13 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\DAEMON Tools Lite
[2011/06/09 14:58:54 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Digsby
[2011/09/14 18:23:03 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\DivX
[2011/07/12 12:01:49 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\EditPlus 3
[2011/06/09 20:00:41 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\GHISLER
[2011/07/12 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Gmail Backup
[2011/07/12 10:00:46 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\go
[2011/10/10 21:05:40 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\GrabPro
[2011/06/09 19:01:11 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Identities
[2011/09/14 17:13:08 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\InstallShield
[2011/06/09 19:02:12 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Intel Corporation
[2011/06/09 16:05:41 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\kompozer.net
[2011/06/09 19:15:06 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Macromedia
[2009/07/29 09:23:49 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Media Center Programs
[2011/09/26 02:04:46 | 000,000,000 | --SD | M] -- C:\Users\Lubos\AppData\Roaming\Microsoft
[2011/10/04 19:02:45 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\MiniLyrics
[2011/09/20 21:26:36 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\mIRC
[2011/07/28 18:02:29 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Mozilla
[2011/07/13 21:59:16 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Mp3tag
[2011/06/10 12:50:22 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Need for Speed World
[2011/06/09 16:42:48 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Nokia
[2011/06/09 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Nokia Ovi Suite
[2011/08/26 10:14:59 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\NVIDIA
[2011/09/02 22:27:54 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Opera
[2011/10/11 02:06:30 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Orbit
[2011/06/10 11:23:32 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\PACE Anti-Piracy
[2011/08/17 19:01:55 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\PC Suite
[2011/07/13 08:25:23 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\PDF Writer
[2011/10/10 21:05:45 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\ProgSense
[2011/08/01 11:07:14 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\screenrecorder
[2011/06/21 15:51:55 | 000,000,000 | RH-D | M] -- C:\Users\Lubos\AppData\Roaming\SecuROM
[2011/10/12 08:47:21 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Skype
[2011/06/12 12:56:10 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\SkypePM
[2011/06/10 11:24:31 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/07/31 22:26:13 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\SWiSH Max4
[2011/06/19 22:22:41 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\TeamViewer
[2011/06/14 22:15:26 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Thunderbird
[2011/09/23 10:47:43 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\vlc
[2011/10/11 02:03:45 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\VMware
[2011/09/18 12:09:50 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Vso
[2011/10/11 13:40:49 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\Winamp
[2011/06/09 17:46:40 | 000,000,000 | ---D | M] -- C:\Users\Lubos\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2011/08/28 23:20:46 | 000,000,132 | ---- | M] () -- C:\Users\Lubos\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2011/10/02 17:07:33 | 000,027,973 | ---- | M] () -- C:\Users\Lubos\AppData\Roaming\OFMissionEditorConfig.xml
[2011/10/10 10:40:41 | 000,000,600 | ---- | M] () -- C:\Users\Lubos\AppData\Roaming\winscp.rnd

< %APPDATA%\*.exe /s >
[2011/06/10 10:48:59 | 000,038,784 | ---- | M] () -- C:\Users\Lubos\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/06/11 15:42:42 | 000,029,926 | R--- | M] () -- C:\Users\Lubos\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2011/05/13 10:35:48 | 000,004,328 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class
[2011/06/14 09:31:42 | 000,015,392 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2011/06/14 09:31:43 | 000,015,380 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2011/06/14 09:31:43 | 000,015,800 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2011/06/14 09:31:43 | 000,016,476 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/14 09:31:43 | 000,015,136 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2011/06/14 09:31:43 | 000,016,056 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2011/06/14 09:31:42 | 000,015,812 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2011/06/14 09:31:42 | 000,016,488 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2011/06/14 09:31:42 | 000,015,136 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2011/06/14 09:31:42 | 000,016,068 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2011/06/14 09:31:42 | 000,015,612 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2011/06/14 09:31:43 | 000,015,600 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2011/06/14 09:31:43 | 000,016,020 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2011/06/14 09:31:43 | 000,016,696 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/14 09:31:43 | 000,015,356 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2011/06/14 09:31:43 | 000,016,276 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2011/06/14 09:31:42 | 000,016,032 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2011/06/14 09:31:42 | 000,016,708 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2011/06/14 09:31:42 | 000,015,356 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2011/06/14 09:31:42 | 000,016,288 | ---- | M] () -- \Users\Lubos\Documents\Battlefield Play4Free\mods\main\cache\{D7B78E66-4306-11CF-E47C-5D19A2C2C535}_225129_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx

< *keygen* /s >

< *loader* /s >
[2011/07/29 23:16:38 | 000,002,859 | ---- | M] () -- \Downloads\Gmail\2007_03_20070326-155523-noreply@big4um_sk-UPLOADER_MESIACA_MAREC-1.eml
[2011/08/29 14:12:34 | 000,003,990 | ---- | M] () -- \Downloads\Gmail\2010_01_20100102-190638-admin@kukni_net-Zarobok_pre_uploadera-1.eml
[2010/03/18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010/03/18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2011/01/24 23:42:32 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2011/01/24 23:42:32 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/02/15 08:22:28 | 000,335,872 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2011/04/14 11:35:32 | 000,131,072 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011/04/12 17:58:54 | 000,007,161 | ---- | M] () -- \Program Files (x86)\Digsby\lib\gui\browser\webkit\imageloader.pyo
[2010/08/23 22:16:16 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Digsby\lib\plugins\digsby_about\res\ajax-loader.gif
[2011/04/12 17:58:58 | 000,007,133 | ---- | M] () -- \Program Files (x86)\Digsby\lib\plugins\digsby_updater\downloader.pyo
[2009/07/02 17:06:12 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Digsby\lib\plugins\facebook\res\ajax-loader.gif
[2010/06/14 22:39:36 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Digsby\lib\plugins\linkedin\res\ajax-loader.gif
[2010/02/05 19:29:18 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Digsby\lib\plugins\myspace\res\ajax-loader.gif
[2009/07/14 22:44:22 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Digsby\lib\plugins\twitter\res\img\ajax-loader.gif
[2011/04/12 17:59:02 | 000,014,145 | ---- | M] () -- \Program Files (x86)\Digsby\lib\syck\loaders.pyo
[2011/05/13 10:35:48 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2011/05/13 10:35:48 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2011/05/13 10:35:48 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderBETA.exe
[2011/05/13 10:35:48 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderD3D.exe
[2011/06/19 11:07:36 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2011/05/13 10:35:48 | 000,007,069 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderPl.class
[2011/05/13 10:35:48 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2010/03/04 20:42:08 | 000,002,910 | ---- | M] () -- \Program Files (x86)\KompoZer\components\uriloader.xpt
[2010/03/03 00:39:58 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\Koan\pyloader.dll
[2010/03/03 00:37:00 | 000,012,794 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2010/03/03 00:37:00 | 000,162,912 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2010/03/03 00:37:00 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2008/07/10 16:33:02 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2008/07/10 16:33:04 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2010/03/18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010/03/18 01:57:18 | 000,001,373 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010/03/18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009/08/31 04:51:22 | 000,001,648 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009/08/31 04:51:22 | 000,004,525 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2011/05/20 16:56:14 | 000,017,976 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia Ovi Suite\OviSuiteDownloader.dll
[2009/05/31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2009/10/21 06:44:22 | 000,001,960 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Progress\LoaderBar_silver.swf
[2009/10/21 06:44:22 | 000,022,732 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Progress\LoaderBar_silver.swi
[2009/10/21 06:44:22 | 000,015,291 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Progress\LoaderCircle.swf
[2009/10/21 06:44:24 | 000,020,700 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Progress\LoaderCircle.swi
[2009/10/21 06:44:24 | 000,019,379 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Progress\LoaderMovie.swf
[2009/10/21 06:44:24 | 000,045,075 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Progress\LoaderMovie.swi
[2010/03/01 05:22:32 | 000,000,792 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Utility\Loader.swf
[2010/03/01 05:22:32 | 000,038,585 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\Components\Utility\Loader.swi
[2009/07/23 04:42:20 | 000,019,280 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\ProjectTemplates\Sites\HiFi\working\preloader.swi
[2009/10/21 05:14:46 | 000,014,756 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\ProjectTemplates\Sites\Sports\working\preloader.swi
[2009/10/21 05:15:04 | 000,019,280 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\ProjectTemplates\Sites\Squared Colors\working\preloader.swi
[2009/07/27 07:47:38 | 000,685,051 | ---- | M] () -- \Program Files (x86)\SWiSH Max4\samples\Components\loadermovie_example.swi
[2011/01/24 23:42:32 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2011/01/24 23:42:32 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/05/28 22:04:02 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011/05/30 14:56:52 | 000,004,068 | ---- | M] () -- \ProgramData\Electronic Arts\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2011/06/19 11:04:12 | 000,001,945 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011/06/19 11:04:12 | 000,001,924 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011/06/19 11:04:12 | 000,001,966 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011/05/30 14:56:52 | 000,004,068 | ---- | M] () -- \Users\All Users\Electronic Arts\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2011/06/19 11:04:12 | 000,001,945 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011/06/19 11:04:12 | 000,001,924 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011/06/19 11:04:12 | 000,001,966 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011/06/19 10:56:29 | 000,000,222 | ---- | M] () -- \Users\Lubos\AppData\Local\Opera\Opera\icons\jdownloader.org.idx
[2011/10/10 21:02:25 | 000,000,083 | ---- | M] () -- \Users\Lubos\AppData\Local\Opera\Opera\icons\www.orbitdownloader.com.idx
[2011/10/11 15:46:24 | 000,005,632 | ---- | M] () -- \Users\Lubos\AppData\Local\Temp\_MEI80442\_win32sysloader.pyd
[2011/10/11 02:06:07 | 000,187,105 | ---- | M] () -- \Users\Lubos\AppData\Roaming\Orbit\icon\JDownloader.ico
[2011/10/11 02:06:07 | 000,022,486 | ---- | M] () -- \Users\Lubos\AppData\Roaming\Orbit\icon\Orbit Downloader.ico
[2010/10/07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010/03/24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010/03/24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,387,408 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2010/03/24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010/03/24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2008/07/30 10:06:58 | 000,072,192 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\D1B226DDE87A8EF3C9C842F675460B0D\9.0.30729\FL_coloader80_dll_128691_128691_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2008/07/29 03:43:16 | 000,004,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\D1B226DDE87A8EF3C9C842F675460B0D\9.0.30729\FL_coloader80_tlb_128927_128927_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/06/23 10:46:09 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/06/23 10:46:09 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/06/23 10:46:09 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/06/23 10:46:09 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/06/23 10:46:09 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *nocd* /s >

< *AutoKMS.* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
PENDINGFILERENAMEOPERATIONS REG_MULTI_SZ \??\C:\Users\Lubos\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Lubos\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Lubos\AppData\Local\Temp\nsyC043.tmp\setuphlp.dll\0\??\C:\Users\Lubos\AppData\Local\Temp\nsyC043.tmp\

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011/10/12 08:20:56 | 000,000,512 | ---- | M] () MD5=C9EC4C6B3544233C1068108438D249F9 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 869 bytes -> \Downloads\Gmail\2007_03_20070326-155523-noreply@big4um_sk-UPLOADER_MESIACA_MAREC-1.eml:OECustomProperty
@Alternate Data Stream - 693 bytes -> \Downloads\Gmail\2010_01_20100102-190638-admin@kukni_net-Zarobok_pre_uploadera-1.eml:OECustomProperty
@Alternate Data Stream - 1028 bytes -> C:\Users\Lubos\AppData\Local\pidgOnuRX8LUqb:qgFzvTXeWcFU1oJj4BCv

< End of report >

Lubos226 · #9 Příspěvek od **Lubos226** » 12 říj 2011 08:45

OTL Extras logfile created on: 10/12/2011 8:17:43 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Lubos\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.74 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 38.07% Memory free
7.48 Gb Paging File | 4.46 Gb Available in Paging File | 59.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421.81 Gb Total Space | 44.35 Gb Free Space | 10.52% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.74 Gb Free Space | 95.66% Space Free | Partition Type: NTFS

Computer Name: A05-0336B | User Name: Lubos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{11538652-E5E4-37F1-86D7-418871E45292}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1F494B8A-D6E6-4540-9A74-F773B63164A6}" = Port Locker
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{528E2373-AE49-4802-B4A8-326BBFDAD6A0}" = VmciSockets
"{5737101A-27C4-408A-8A57-D1DC78DF84B4}" = 64 Bit HP CIO Components Installer
"{5ACF5427-B4E4-4F85-A512-151E0BECF7E3}" = RtLED
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb" = Adobe Audition 3.0 Vista Compatibility
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-1000-0000000FF1CE}_Office14.PROPLUSR_{70A6C738-452C-4999-9780-B2C23339711D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{8F7BCAD4-B6E7-485B-AA1A-F1D702A6A0CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0043-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{D5B1D4C9-AF5A-4653-AB6D-D8AFFBE363AC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4A62DCE9-94CF-491F-B8EF-B5E3396F2421}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C3AF5BD8-30D5-41F5-AF61-705D98146B0F}" = Microsoft SQL Server 2008 Native Client
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1304
"CCleaner" = CCleaner
"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)
"Elantech" = ETDWare PS/2-x64 7.0.4.17_WHQL
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{25CFEF55-A945-41FC-86ED-76469F31DF37}" = Nokia Connectivity Cable Driver
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}" = PC Connectivity Solution
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 2.0.1.9
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CA10D13-F83A-487E-9B30-CC979FEF7A70}" = OviMPlatform
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5B161932-9D42-4D5E-858D-29BF4C670944}" = Microsoft SQL Server 2008 Setup Support Files
"{6339663B-F26F-4FE3-B813-0E1DEC4ED976}" = Nokia Ovi Suite
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}" = Port Locker
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ACF31D9F-70C2-40A1-9C7A-28BA16E64B56}" = BioExcess
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BEF7FC5C-0182-4DDE-BDDD-F7D132AB833D}" = Ovi Desktop Sync Engine
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E989D16F-0B39-4E74-8BD5-149BEE1477FE}" = Microsoft SQL Server 2008 RsFx Driver
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F493761C-E465-4B9E-9FC1-A312F161DE0A}" = Active Protection System
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC030CB5-46A6-4229-AD6E-0AC869F509C8}" = Pinnacle Studio Bonus Content
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"CamStudio" = CamStudio
"CamStudio Lossless Codec_is1" = CamStudio Lossless Codec v1.4
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cute Screen Recorder Free Version_is1" = Cute Screen Recorder Free Version 1.7.0.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"Digsby" = Digsby
"DivX Setup" = DivX Setup
"EditPlus 3" = EditPlus 3
"Flatcast Viewer 5.3_is1" = Flatcast Viewer Plugin 5.3.0.752
"gmailbackup" = Gmail Backup
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"IceChat_is1" = IceChat 7.70 (Build 20101031)
"InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}" = Port Locker
"InstallShield_{ACF31D9F-70C2-40A1-9C7A-28BA16E64B56}" = BioExcess
"KN StrongDC" = KN StrongDC
"LameACM" = LameACM
"LogMeIn Hamachi" = LogMeIn Hamachi
"Magic Bullet Looks Studio 15" = Magic Bullet Looks Studio 15
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MiniLyrics" = Minilyrics(remove only)
"mIRC" = mIRC
"Mozilla Firefox 4.0.1 (x86 sk)" = Mozilla Firefox 4.0.1 (x86 sk)
"Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0)
"Mp3tag" = Mp3tag v2.49
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.51.1087" = Opera 11.51
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RollerCoaster Tycoon Setup" = Roll
"SWiSH Max4" = SWiSH Max4
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 6" = TeamViewer 6
"TmNationsForever_is1" = TmNationsForever
"Totalcmd" = Total Commander (Remove or Repair)
"TrackMania 2_is1" = TrackMania 2
"Trapcode 3DStroke Studio 15" = Trapcode 3DStroke Studio 15
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio 15" = Trapcode Shine Studio 15
"Valve_0" = Valve
"VLC media player" = VLC media player 1.1.11
"VMware_Workstation" = VMware Workstation
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.5
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-325939665-3490199189-181498114-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Google Translator" = Google Translator
"QIP 2005" = QIP 2005 8097
"QIP Infium" = QIP Infium 3.0.9044
"Tunnelers" = Tunnelers

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/5/2011 1:56:44 AM | Computer Name = a05-0336b | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 10/5/2011 2:04:20 PM | Computer Name = a05-0336b | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: wmpnetwk.exe, verzia: 12.0.7601.17514, časová
značka: 0x4ce7ae7f Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka:
0x00000000 Kód výnimky: 0xc0000005 Odstup chyby: 0x000000007fff000a Identifikácia
chybného procesu: 0x1768 Čas spustenia chybnej aplikácie: 0x01cc832266712dbf Cesta
chybnej aplikácie: C:\Program Files\Windows Media Player\wmpnetwk.exe Cesta chybného
modulu: unknown Identifikácia hlásenia: 724cb771-ef7c-11e0-9210-c0cb38f3311b

Error - 10/5/2011 11:03:11 PM | Computer Name = a05-0336b | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/6/2011 9:26:25 AM | Computer Name = a05-0336b | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 10/6/2011 9:26:26 AM | Computer Name = a05-0336b | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 10/6/2011 8:13:22 PM | Computer Name = a05-0336b | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: projekt.exe, verzia: 0.0.0.0, časová značka:
0x4e8e440a Názov chybového modulu: msvcrt.dll, verzia: 7.0.7600.16385, časová značka:
0x4a5bda6f Kód výnimky: 0xc0000005 Odstup chyby: 0x000143df Identifikácia chybného
procesu: 0x19e0 Čas spustenia chybnej aplikácie: 0x01cc8485def51b66 Cesta chybnej
aplikácie: C:\Users\Lubos\Desktop\c\projekt1\projekt\bin\Debug\projekt.exe Cesta
chybného modulu: C:\windows\syswow64\msvcrt.dll Identifikácia hlásenia: 2a2c3f81-f079-11e0-a7cc-c0cb38f3311b

Error - 10/7/2011 12:48:47 PM | Computer Name = a05-0336b | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Explorer.EXE, verzia: 6.1.7601.17567, časová
značka: 0x4d672ee4 Názov chybového modulu: SHLWAPI.dll, verzia: 6.1.7601.17514,
časová značka: 0x4ce7c9ab Kód výnimky: 0xc0000005 Odstup chyby: 0x0000000000011c66
Identifikácia
chybného procesu: 0x7c4 Čas spustenia chybnej aplikácie: 0x01cc842a0cc5f019 Cesta
chybnej aplikácie: C:\windows\Explorer.EXE Cesta chybného modulu: C:\windows\system32\SHLWAPI.dll
Identifikácia
hlásenia: 392758de-f104-11e0-a7cc-c0cb38f3311b

Error - 10/7/2011 12:48:52 PM | Computer Name = a05-0336b | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Explorer.EXE, verzia: 6.1.7601.17567, časová
značka: 0x4d672ee4 Názov chybového modulu: SHLWAPI.dll, verzia: 6.1.7601.17514,
časová značka: 0x4ce7c9ab Kód výnimky: 0xc000041d Odstup chyby: 0x0000000000011c66
Identifikácia
chybného procesu: 0x7c4 Čas spustenia chybnej aplikácie: 0x01cc842a0cc5f019 Cesta
chybnej aplikácie: C:\windows\Explorer.EXE Cesta chybného modulu: C:\windows\system32\SHLWAPI.dll
Identifikácia
hlásenia: 3c761b14-f104-11e0-a7cc-c0cb38f3311b

Error - 10/7/2011 12:58:03 PM | Computer Name = a05-0336b | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 10/7/2011 12:58:03 PM | Computer Name = a05-0336b | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ System Events ]
Error - 10/7/2011 10:27:01 AM | Computer Name = a05-0336b | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume Yo-Safe encountered
a non-retryable error and could not start. The data contains the error code.

Error - 10/8/2011 8:07:05 AM | Computer Name = a05-0336b | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 10/9/2011 4:37:43 AM | Computer Name = a05-0336b | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby ShellHWDetection bol
dosiahnutý časový limit (30000 ms).

Error - 10/9/2011 1:29:16 PM | Computer Name = a05-0336b | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume Yo-Safe encountered
a non-retryable error and could not start. The data contains the error code.

Error - 10/10/2011 2:03:55 AM | Computer Name = a05-0336b | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume Yo-Safe encountered
a non-retryable error and could not start. The data contains the error code.

Error - 10/10/2011 4:41:14 AM | Computer Name = a05-0336b | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume Yo-Safe encountered
a non-retryable error and could not start. The data contains the error code.

Error - 10/11/2011 7:40:06 AM | Computer Name = a05-0336b | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby Netman bol dosiahnutý
časový limit (30000 ms).

Error - 10/11/2011 7:46:22 AM | Computer Name = a05-0336b | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search bola ukončená s chybou služby %%-1073473535.

Error - 10/11/2011 7:46:22 AM | Computer Name = a05-0336b | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 10/11/2011 7:50:21 AM | Computer Name = a05-0336b | Source = VDS Basic Provider | ID = 33554433
Description =

< End of report >

#10 Příspěvek od **Mc_Murphy** » 12 říj 2011 10:26

V poho, pokud tam nejsou, odpálím toolbary růčo-fůčo.

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-325939665-3490199189-181498114-1002\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4 - HKU\S-1-5-21-325939665-3490199189-181498114-1002..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[10 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
@Alternate Data Stream - 869 bytes -> \Downloads\Gmail\2007_03_20070326-155523-noreply@big4um_sk-UPLOADER_MESIACA_MAREC-1.eml:OECustomProperty
@Alternate Data Stream - 693 bytes -> \Downloads\Gmail\2010_01_20100102-190638-admin@kukni_net-Zarobok_pre_uploadera-1.eml:OECustomProperty
@Alternate Data Stream - 1028 bytes -> C:\Users\Lubos\AppData\Local\pidgOnuRX8LUqb:qgFzvTXeWcFU1oJj4BCv

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"Persistence"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=-
"UpdatePRCShortCut"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\windows\tasks\AutoKMS.job /d
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002UA.job

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

Lubos226 · #11 Příspěvek od **Lubos226** » 12 říj 2011 11:14

len pre info.. sluzbu NVIDIA Display Driver Service som znova spustil pretoze ju pouzivam

LOG:
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-325939665-3490199189-181498114-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-325939665-3490199189-181498114-1002\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2335.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5459.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP58C9.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP94DF.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4B8.tmp\Microsoft.SqlServer.BatchParser.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA4B8.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1AF.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB4E5.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF0E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED88.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP28E5.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3FE1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7862.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD608.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE954.tmp folder deleted successfully.
C:\windows\Installer\MSI4EA1.tmp deleted successfully.
C:\windows\Installer\MSIEEBB.tmp deleted successfully.
ADS \Downloads\Gmail\2007_03_20070326-155523-noreply@big4um_sk-UPLOADER_MESIACA_MAREC-1.eml:OECustomProperty deleted successfully.
ADS \Downloads\Gmail\2010_01_20100102-190638-admin@kukni_net-Zarobok_pre_uploadera-1.eml:OECustomProperty deleted successfully.
ADS C:\Users\Lubos\AppData\Local\pidgOnuRX8LUqb:qgFzvTXeWcFU1oJj4BCv deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IgfxTray not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Persistence not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdatePRCShortCut deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\Program Files (x86)\DAEMON Tools Toolbar folder moved successfully.
File\Folder C:\windows\tasks\AutoKMS.job not found.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-325939665-3490199189-181498114-1002UA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest

User: Lubos
->Temp folder emptied: 19791514 bytes
->Temporary Internet Files folder emptied: 8112140 bytes
->Java cache emptied: 5994 bytes
->FireFox cache emptied: 36484843 bytes
->Google Chrome cache emptied: 320698405 bytes
->Opera cache emptied: 52316227 bytes
->Flash cache emptied: 44211 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 2072136 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16326896 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50587 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 435.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest

User: Lubos
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.29.1 log created on 10122011_115738

Files\Folders moved on Reboot...
C:\Users\Lubos\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\windows\temp\vmware-SYSTEM\vmauthd.log scheduled to be moved on reboot.
C:\windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-3964.log moved successfully.
File\Folder C:\windows\temp\TMP000000F2E7464A44F554CFE1 not found!

Registry entries deleted on Reboot...

#12 Příspěvek od **Mc_Murphy** » 12 říj 2011 11:53

Dočistíme:

OTC http://oldtimer.geekstogo.com/OTC.exe

Stáhni a spusť.
Klikni na CleanUp a potvrď YES.
Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

A pokud nejsou žádné dotazy, bylo by to z mé strany vše.

Lubos226 · #13 Příspěvek od **Lubos226** » 12 říj 2011 13:24

dakujem

este ak mozem jednu otazku ohaladom CC:

v polozke "cistic" su iste moznosti ktore su defaultne nezaskrtnute

Obrázek

je bezpecne vsetky tieto moznosti zaskrtnut?

#14 Příspěvek od **Mc_Murphy** » 12 říj 2011 13:55

Bezpečné to jistě je, ale nemusí to být zrovna žádoucí. Když něco funguje, je zbytečné do toho zbrkle vrtat.
Mrkni se na tuhle příručku a nauč se více používat strejdu Google.

Lubos226 · #15 Příspěvek od **Lubos226** » 12 říj 2011 17:10

okej, dakujem za vycistenie a rady

VIRY.CZ

preventivna kontrola

preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola

Re: preventivna kontrola