VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosim o preventivku NB

https://forum.viry.cz:443/viewtopic.php?t=119083

Stránka 1 z 2

Prosim o preventivku NB

Napsal: 25 led 2012 11:57
od stoupa101
Posledni dobou je NB linejsi a linejsi. Nez neco provede tak stale na neco ceka a rad bych ho dal dohromady, jinak budu muset asi preinstalovat. Predem dekuji za rady.

Logfile of random's system information tool 1.09 (written by random/random)
Run by stoupa at 2012-01-25 11:42:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 272 GB (59%) free of 461 GB
Total RAM: 2037 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:44:11, on 25.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\App\DAEMON Tools Lite\DTLite.exe
C:\App\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\WWW\Zend\Apache2\bin\ApacheMonitor.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\stoupa\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
C:\App\Salamander\salamand.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\App\Winamp\winamp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
C:\App\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-unity-helper.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\App\Mozilla Firefox\firefox.exe
C:\App\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\stoupa.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\App\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\App\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\stoupa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\App\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ICQ] "C:\App\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\App\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - Startup: Dropbox.lnk = stoupa\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Apache Web Server Monitor.lnk = C:\WWW\Zend\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Zend Controller.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\App\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\App\ICQ7.2\ICQ.exe
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\App\QIP\qip.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware player\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} (RtspVaPgCtrlNew Class) - http://192.168.10.73/RtspVaPgDec.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://cam2.nix.cz/plugin/h263ctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\App\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Apache2.2 - Unknown owner - C:\WWW\httpd-2.2-x64\bin\httpd.exe (file missing)
O23 - Service: Apache2.2-Zend - Apache Software Foundation - C:\WWW\Zend\Apache2\bin\httpd.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program Files (x86)\IBM\SQLLIB\BIN\db2mgmtsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\App\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\App\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: MySQL - Unknown owner - C:\WWW\MySQL\MySQL.exe (file missing)
O23 - Service: MySQL_ZendServer51 - Unknown owner - C:\WWW\Zend\MySQL51\bin\mysqld (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - Unknown owner - C:/App/PostgreSQL/8.4/bin/pg_ctl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: ST7501 Uranus Watch Dog - Unknown owner - C:\App\Vivotek Inc\ST7501\Server\ST7501_UranusWatchDog.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zend Java Bridge (ZendJavaBridge) - Zend Technologies Ltd. - C:\WWW\Zend\ZendServer\bin\JavaServer.exe
O23 - Service: Zend Job Queue (ZendJobQueue) - Zend Technologies Ltd. - C:\WWW\Zend\ZendServer\bin\jqd.exe
O23 - Service: Zend Monitor (ZendMonitor) - Zend Technologies Ltd. - C:\WWW\Zend\ZendServer\bin\MonitorNode.exe
O23 - Service: Zend Session Clustering (ZendSessionClustering) - Zend Technologies Ltd. - C:\WWW\Zend\ZendServer\bin\ZendSessionManager.exe

--
End of file - 15569 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\SysWOW64\bgsvcgen.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\IBM\SQLLIB\BIN\db2mgmtsvc.exe"
"C:\App\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Acer Bio Protection\BASVC.exe"
C:\Windows\System32\svchost.exe -k ipripsvc
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
"taskhost.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\App\T-Mobile\Web'n'walk Manager\ameisvc.exe"
WLIDSvcM.exe 2412
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\App\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\App\TortoiseHg\TortoiseHgOverlayServer.exe"
"C:\App\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\App\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\WWW\Zend\Apache2\bin\ApacheMonitor.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Users\stoupa\AppData\Roaming\Dropbox\bin\Dropbox.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"taskhost.exe"
"C:\App\Salamander\salamand.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -restart
"C:\App\Winamp\winamp.exe" "D:\Download\playlist.pls"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
taskeng.exe {885E4C1F-16D1-434E-A327-1D2B3A6D7245}
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" -mode=scheduled
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d23eb088-544f-48ec-bdb6-0599c46c0cc7 -SystemEventPortName:HostProcess-1bd18111-e13a-4f50-b0fb-337c9074ad3a -IoCancelEventPortName:HostProcess-f6c15539-28a6-4588-a320-b656c0533987 -NonStateChangingEventPortName:HostProcess-11d57cb9-0782-43a5-baef-0869fdaddb2c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bc9e4b15-8905-466d-af8b-b7cf322a8a19
"C:\App\Mozilla Thunderbird\thunderbird.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\ehome\ehPrivJob.exe /DoReindexSearchRoot
\??\C:\Windows\system32\conhost.exe "-22870100-194788764-412286567-972584851-61891114-16179599219863927121384887600
"C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-unity-helper.exe" -d -e:{F10DF78F-5B04-495D-AC1F-4213FD723724}
"C:\Program Files (x86)\VMware\VMware Player\x64\vmware-vmx.exe" -T querytoken -s"snapshot.numRollingTiers=0" -s"RemoteDisplay.vnc.enabled=FALSE" -s vmx.stdio.keep=TRUE -# "product=8;name=VMware Player;version=3.1.5;buildnumber=491717;licensename=VMware Player;licenseversion=6.0;" -@ pipe=\\.\pipe\vmxf916e83a16453a31; "D:\Virtual Machines\Linux - Ubuntu\Linux - Ubuntu.vmx"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log
"C:\App\Mozilla Firefox\firefox.exe"
"C:\App\Mozilla Firefox\plugin-container.exe" --channel=4180.6030990.288951302 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0.1 -greomni "C:\App\Mozilla Firefox\omni.jar" 4180 "\\.\pipe\gecko-crash-server-pipe.4180" plugin
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\tmp\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default

prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "extensions.enabledItems" - "firebug@software.joehewitt.com:1.6.2, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, yslow@yahoo-inc.com:2.1.0, trexma@twofourone.blogspot.com:0.8.6, {3c9761ad-a43d-4447-b924-f5d83cb48063}:2.3, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... 2.0.0.4&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@skyhookwireless.com/LokiPlugin]
"Description"=Plugin for enabling loki based location services
"Path"=C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\App\Sony\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\App\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\App\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\App\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt

C:\App\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\App\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\extensions\
foxmarks@kei.com
trexma@twofourone.blogspot.com
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\App\Java\jre6\bin\jp2ssv.dll [2011-04-05 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-02 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-08-06 349480]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-08-19 496160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-03 8098848]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-14 1814312]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"egui"=C:\App\ESET\ESET Smart Security\egui.exe [2009-11-16 2716216]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"TortoiseHgOverlayIconServer"=C:\App\TortoiseHg\TortoiseHgOverlayServer.exe [2011-05-01 52688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\App\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Google Update"=C:\Users\stoupa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-20 135664]
"uTorrent"=C:\App\uTorrent\uTorrent.exe [2011-03-30 399736]
"ICQ"=C:\App\ICQ7.2\ICQ.exe [2011-01-05 133432]
"T-Mobile Communication Centre"=C:\App\T-Mobile\Web'n'walk Manager\Manager.exe [2011-06-30 1363984]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-22 261888]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-18 825864]
"VitaKeyPdtWzd"=C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [2009-08-28 3567616]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-06 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-05 181480]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"VMware hqtray"=C:\Program Files (x86)\VMware\VMware Player\hqtray.exe [2011-09-23 64112]
"QuickTime Task"=C:\App\QuickTime\QTTask.exe [2011-10-24 421888]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-02 296056]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Apache Web Server Monitor.lnk - C:\WWW\Zend\Apache2\bin\ApacheMonitor.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
Zend Controller.lnk - C:\WWW\Zend\ZendServer\bin\zendcontroller.exe

C:\Users\stoupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\stoupa\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-02 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2012-01-25 11:42:54 ----D---- C:\rsit
2012-01-25 11:24:58 ----D---- C:\Users\stoupa\AppData\Roaming\TeamViewer
2012-01-24 11:42:11 ----D---- C:\Windows\system32\Macromed
2012-01-23 11:35:40 ----D---- C:\Program Files (x86)\TeamViewer
2012-01-20 12:30:51 ----D---- C:\tmp
2012-01-19 10:48:22 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-01-18 11:01:14 ----A---- C:\Windows\system32\drivers\pneteth.sys
2012-01-18 11:01:12 ----D---- C:\Program Files (x86)\PdaNet for Android
2012-01-18 07:51:16 ----D---- C:\Users\stoupa\AppData\Roaming\Dropbox
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadwh.sys
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadmdm.sys
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadcm.sys
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadbus.sys
2012-01-15 17:34:23 ----A---- C:\Windows\system32\drivers\ssadadb.sys
2012-01-15 17:33:18 ----A---- C:\Windows\system32\drivers\sscdwhnt.sys
2012-01-15 17:33:18 ----A---- C:\Windows\system32\drivers\sscdmdm.sys
2012-01-15 17:33:18 ----A---- C:\Windows\system32\drivers\sscdmdfl.sys
2012-01-15 17:33:18 ----A---- C:\Windows\system32\drivers\sscdcmnt.sys
2012-01-15 17:33:18 ----A---- C:\Windows\system32\drivers\sscdbus.sys
2012-01-15 15:34:01 ----D---- C:\Users\stoupa\AppData\Roaming\Temp
2012-01-15 15:32:17 ----D---- C:\Temp
2012-01-15 15:10:58 ----D---- C:\Windows\SYSWOW64\System32

======List of files/folders modified in the last 1 month======

2012-01-25 11:43:59 ----D---- C:\Windows\Temp
2012-01-25 11:43:42 ----D---- C:\Program Files\trend micro
2012-01-25 11:43:33 ----D---- C:\Users\stoupa\AppData\Roaming\Skype
2012-01-25 11:22:04 ----D---- C:\Users\stoupa\AppData\Roaming\VMware
2012-01-24 13:50:07 ----D---- C:\Windows\system32\config
2012-01-24 11:42:11 ----D---- C:\Windows\System32
2012-01-24 11:06:28 ----D---- C:\Data
2012-01-23 12:39:42 ----D---- C:\Windows\inf
2012-01-23 12:39:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-23 12:36:36 ----D---- C:\Users\stoupa\AppData\Roaming\uTorrent
2012-01-23 12:35:41 ----D---- C:\Users\stoupa\AppData\Roaming\ICQ
2012-01-23 12:34:27 ----D---- C:\Users\stoupa\AppData\Roaming\TortoiseHg
2012-01-23 12:33:27 ----D---- C:\ProgramData\VMware
2012-01-23 12:21:23 ----D---- C:\Windows\Prefetch
2012-01-23 11:35:40 ----D---- C:\Program Files (x86)
2012-01-22 15:09:18 ----SHD---- C:\$RECYCLE.BIN
2012-01-22 01:33:23 ----SHD---- C:\System Volume Information
2012-01-21 23:21:34 ----D---- C:\WWW
2012-01-19 13:19:22 ----SHD---- C:\Config.Msi
2012-01-19 13:18:06 ----D---- C:\Windows\tracing
2012-01-19 13:18:02 ----D---- C:\Windows\system32\catroot
2012-01-19 13:03:04 ----D---- C:\Windows\ModemLogs
2012-01-19 13:00:14 ----SHD---- C:\Windows\Installer
2012-01-19 12:52:03 ----D---- C:\ProgramData\Samsung
2012-01-19 12:51:56 ----D---- C:\Windows\SysWOW64
2012-01-19 12:51:55 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-19 12:50:39 ----D---- C:\Windows
2012-01-19 12:45:41 ----D---- C:\Windows\system32\catroot2
2012-01-19 12:34:53 ----RSD---- C:\Windows\assembly
2012-01-19 12:34:47 ----D---- C:\Windows\system32\DriverStore
2012-01-19 12:34:36 ----RD---- C:\Program Files
2012-01-19 12:34:36 ----D---- C:\App
2012-01-19 12:28:53 ----A---- C:\Windows\wininit.ini
2012-01-19 12:11:12 ----D---- C:\Windows\system32\Tasks
2012-01-19 12:10:23 ----D---- C:\ProgramData
2012-01-19 12:10:01 ----D---- C:\Program Files (x86)\Common Files
2012-01-19 12:08:49 ----D---- C:\Program Files (x86)\Rockstar Games
2012-01-19 11:43:29 ----D---- C:\Windows\Microsoft.NET
2012-01-19 11:19:18 ----D---- C:\Windows\system32\drivers
2012-01-19 10:48:25 ----D---- C:\Windows\SYSWOW64\en-US
2012-01-19 10:48:25 ----D---- C:\Windows\system32\en-US
2012-01-19 10:42:19 ----DC---- C:\Windows\system32\DRVSTORE
2012-01-10 15:58:13 ----D---- C:\Users\stoupa\AppData\Roaming\Winamp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2009-08-24 22640]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-09 834544]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\dddskx64.sys [2009-02-12 26024]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 145336]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-12-18 169080]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-12-18 44944]
R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys); C:\Windows\System32\Drivers\FPSensor.sys [2009-12-09 29184]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2011-09-23 38512]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2011-09-23 81008]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2011-09-23 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2011-09-23 30320]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2011-09-23 68720]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys [2010-08-19 32816]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-01-08 33608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-03 1994272]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-07 317480]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-05-14 5435904]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 nuvotoncir;Nuvoton IR Transceiver; C:\Windows\system32\DRIVERS\nuvotoncir.sys [2009-06-24 48128]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-14 286768]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2011-09-23 31856]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2011-09-23 20016]
S1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys []
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-06-27 6144]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-06-27 54272]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-06-27 52224]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-06 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-06 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-01-06 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-06 21160]
S3 connctfy;Connectify Service; C:\Windows\system32\DRIVERS\connctfy.sys []
S3 connctfyMP;connctfyMP; C:\Windows\system32\DRIVERS\connctfy.sys []
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-10-25 20552]
S3 easytether;easytether; C:\Windows\system32\DRIVERS\easytthr.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2008-03-13 68800]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2008-03-13 84288]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 143320]
S3 KinectCamera;Microsoft Kinect Camera Driver; C:\Windows\System32\Drivers\kinectcamera.sys [2011-05-27 46112]
S3 libusb0;LibUsb-Win32 - Kernel Driver; C:\Windows\system32\drivers\libusb0.sys []
S3 Ltn_stk7070P;PCTV LITEON TT1260 based TV tuner device; C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys [2009-05-22 625152]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RzSynapse;Razer Driver; C:\Windows\system32\DRIVERS\RzSynapse.sys [2010-12-16 126464]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2011-09-23 37680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\App\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-06-24 123120]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\SysWOW64\bgsvcgen.exe [2007-06-16 145504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-11 864032]
R2 DB2MGMTSVC_DB2COPY1;DB2 Management Service (DB2COPY1); C:\Program Files (x86)\IBM\SQLLIB\BIN\db2mgmtsvc.exe [2009-04-04 38688]
R2 ekrn;ESET Service; C:\App\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-19 796192]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IGBASVC;EgisTec Service; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [2009-08-28 3450368]
R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-06 311592]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-22 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2011-09-23 113264]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2011-09-23 334448]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-09-23 539248]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2011-09-23 404080]
S2 Apache2.2;Apache2.2; C:\WWW\httpd-2.2-x64\bin\httpd.exe -k runservice []
S2 Apache2.2-Zend;Apache2.2-Zend; C:\WWW\Zend\Apache2\bin\httpd.exe [2011-03-09 26496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
S2 MySQL;MySQL; C:\WWW\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\WWW\MySQL\MySQL Server 5.1\my.ini MySQL []
S2 MySQL_ZendServer51;MySQL_ZendServer51; C:\WWW\Zend\MySQL51\bin\mysqld --defaults-file=C:\WWW\Zend\MySQL51\my.ini MySQL_ZendServer51 []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4; C:/App/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/App/PostgreSQL/8.4/data -w []
S2 ST7501 Uranus Watch Dog;ST7501 Uranus Watch Dog; C:\App\Vivotek Inc\ST7501\Server\ST7501_UranusWatchDog.exe [2009-03-25 376192]
S2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S3 EhttpSrv;ESET HTTP Server; C:\App\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 23296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 ufad-ws60;VMware Agent Service; C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe [2010-08-19 191024]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1255736]

-----------------EOF-----------------

Re: Prosim o preventivku NB

Napsal: 26 led 2012 05:44
od Mc_Murphy
Zdravím. :162:

:arrow: Mno, na NTB Ti kromě jiného běží dva antiviry. Počítám, že McAfee tam byl jako OEM a ESET Smart Security sis doinstaloval sám. Jeden z antivirů musí jít pryč, jinak Ti bude systém kolidovat. Jsou ESET Smart Security legální = zakoupená licence?!

Re: Prosim o preventivku NB

Napsal: 26 led 2012 12:28
od stoupa101
ESET je legalni, takze jsem odinstaloval McAfeeho.

Re: Prosim o preventivku NB

Napsal: 26 led 2012 14:07
od Mc_Murphy
OK, dáme si preventivní scan s MBAM.

:arrow: Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.
  • Proveď aktualizaci virové databáze.
  • V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
  • Předem nic nemaž!!
  • MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

Re: Prosim o preventivku NB

Napsal: 27 led 2012 13:08
od stoupa101
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.0.1800
www.malwarebytes.org

Verze databáze: v2012.01.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
stoupa :: LEGUAN [administrátor]

Ochrana: Povolena

26.1.2012 15:34:36
mbam-log-2012-01-26 (15-34-36).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 805659
Uplynulý čas: 2 hodin, 47 minut, 16 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Prosim o preventivku NB

Napsal: 27 led 2012 13:33
od Mc_Murphy
:arrow: OK, MBAM je čistý, takže program nyní zase odinstaluj.
:arrow: Programy ICQ a Skype odeber ze spouštění při náběhu systému a spouštěj je až PO náběhu systému ručně v případě potřeby, zvláště ICQ značně zdržuje.


:arrow: Potom fixni v HJT níže uvedené položky.
  • Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
  • Položky, které v seznamu nenajdeš, prostě přeskoč.
  • HJT najdeš zde: C:\Program Files\trend micro\stoupa.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\App\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\App\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\stoupa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\App\uTorrent\uTorrent.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\App\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\App\ICQ7.2\ICQ.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\App\QIP\qip.exe (file missing) (HKCU)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com


:arrow: Dále stáhni OTL z tohoto odkazu a ulož jej na Plochu.
  • Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
  • Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
  • Zaškrtni okénko Pro všechny uživatele.
  • Zaškrtni okénko Kontrola na havěť "LOP".
  • Zaškrtni okénko Kontrola na havěť "Purity".
  • Stáři souborů změň z 30 dnů na 7 dnů!!
  • Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Klikni na tlačítko [Prohledat].
  • Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
  • Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

Re: Prosim o preventivku NB

Napsal: 27 led 2012 17:49
od stoupa101
Spoustel jsem to 2x a pokazde mi to hodilo chybovou hlasku:
Cannot create file C:\Data\_Download\cmd.bat
spoustel jsem to jako spravce a zaskrtnul vse podle doporuceni.
Prohledal jsem cely NB a nikde nenalezl soubor OTL.txt. Dnes to jiz nestihnu, ale zitra zkusim spustit OTL.exe primo na C:\

Re: Prosim o preventivku NB

Napsal: 28 led 2012 06:33
od Mc_Murphy
:arrow: Tohle je chyba OTL. Při jednom příkazu dochází ke konfliktu s antivirem. Bohužel, autorovi se zatím nedaří tuto chybu odstranit. :42:
  • Použij pro OTL takto upravený script:

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
%SystemDrive%\PhysicalMBR.bin /md5
Postup pochopitelně stejný, jako prve. Takhle to bude fungovat.

Re: Prosim o preventivku NB

Napsal: 28 led 2012 08:58
od stoupa101
OTL logfile created on: 28.1.2012 7:41:06 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\tmp
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,31 Gb Available Physical Memory | 15,74% Memory free
4,18 Gb Paging File | 1,72 Gb Available in Paging File | 41,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 331,69 Gb Free Space | 73,68% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 162,79 Gb Free Space | 34,95% Space Free | Partition Type: NTFS

Computer Name: LEGUAN | User Name: stoupa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.27 14:29:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\tmp\OTL.exe
PRC - [2012.01.26 11:55:25 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\App\Mozilla Firefox\firefox.exe
PRC - [2012.01.19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.01.19 12:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.01.19 12:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\App\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.05 20:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\stoupa\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.11.03 19:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.09.23 20:20:22 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011.09.23 20:19:58 | 000,064,112 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
PRC - [2011.09.23 20:19:46 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011.09.23 20:19:38 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2011.09.23 19:21:12 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2011.07.11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\App\Winamp\winamp.exe
PRC - [2011.06.30 12:35:20 | 001,363,984 | ---- | M] (Gemfor s.r.o.) -- C:\App\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2011.06.24 20:17:25 | 000,123,120 | ---- | M] (Gemfor s.r.o.) -- C:\App\T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2011.03.09 15:03:02 | 000,042,904 | ---- | M] (Apache Software Foundation) -- C:\WWW\Zend\Apache2\bin\ApacheMonitor.exe
PRC - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\App\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009.10.06 14:18:26 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009.10.05 19:15:10 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009.09.22 21:04:32 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.09.22 21:04:20 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.08.28 07:45:38 | 003,450,368 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2009.08.28 07:45:20 | 003,358,208 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009.08.18 08:38:32 | 000,825,864 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.EXE
PRC - [2009.08.07 13:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.08.07 13:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.08.06 18:18:54 | 000,311,592 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009.08.06 18:18:42 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009.08.04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009.07.12 19:34:56 | 004,426,608 | ---- | M] (Prog-Soft s.r.o.) -- C:\App\PSPad\PSPad.exe
PRC - [2009.07.10 23:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2009.07.10 10:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009.04.04 00:33:36 | 000,038,688 | ---- | M] (International Business Machines Corporation) -- C:\Program Files (x86)\IBM\SQLLIB\BIN\db2mgmtsvc.exe
PRC - [2008.07.29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007.06.16 03:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe
PRC - [2001.02.28 09:33:20 | 001,019,959 | ---- | M] () -- C:\App\Salamander\salamand.exe


========== Modules (No Company Name) ==========

MOD - [2012.01.26 11:55:24 | 002,124,760 | ---- | M] () -- C:\App\Mozilla Firefox\mozjs.dll
MOD - [2012.01.24 11:43:38 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.09.23 20:20:38 | 000,970,352 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
MOD - [2011.09.23 20:19:40 | 000,068,720 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Player\zlib1.dll
MOD - [2011.08.15 12:42:45 | 000,623,616 | ---- | M] () -- C:\App\Winamp\System\jnetlib.w5s
MOD - [2011.08.15 12:42:45 | 000,154,624 | ---- | M] () -- C:\App\Winamp\System\jpeg.w5s
MOD - [2011.08.15 12:42:45 | 000,103,936 | ---- | M] () -- C:\App\Winamp\System\png.w5s
MOD - [2011.08.15 12:42:45 | 000,090,112 | ---- | M] () -- C:\App\Winamp\System\xml.w5s
MOD - [2011.08.15 12:42:45 | 000,084,480 | ---- | M] () -- C:\App\Winamp\System\playlist.w5s
MOD - [2011.08.15 12:42:45 | 000,047,616 | ---- | M] () -- C:\App\Winamp\zlib.dll
MOD - [2011.08.15 12:42:45 | 000,021,504 | ---- | M] () -- C:\App\Winamp\System\tagz.w5s
MOD - [2011.08.15 12:42:45 | 000,019,456 | ---- | M] () -- C:\App\Winamp\System\gif.w5s
MOD - [2011.08.15 12:42:45 | 000,016,384 | ---- | M] () -- C:\App\Winamp\System\gracenote.w5s
MOD - [2011.08.15 12:42:44 | 000,052,224 | ---- | M] () -- C:\App\Winamp\Plugins\out_ds.dll
MOD - [2011.08.15 12:42:44 | 000,023,040 | ---- | M] () -- C:\App\Winamp\System\albumart.w5s
MOD - [2011.08.15 12:42:44 | 000,022,528 | ---- | M] () -- C:\App\Winamp\Plugins\out_disk.dll
MOD - [2011.08.15 12:42:44 | 000,019,456 | ---- | M] () -- C:\App\Winamp\System\bmp.w5s
MOD - [2011.08.15 12:42:44 | 000,018,432 | ---- | M] () -- C:\App\Winamp\Plugins\out_wave.dll
MOD - [2011.08.15 12:42:44 | 000,016,896 | ---- | M] () -- C:\App\Winamp\System\dlmgr.w5s
MOD - [2011.08.15 12:42:43 | 000,313,344 | ---- | M] () -- C:\App\Winamp\Plugins\in_wm.dll
MOD - [2011.08.15 12:42:43 | 000,285,696 | ---- | M] () -- C:\App\Winamp\Plugins\in_mp3.dll
MOD - [2011.08.15 12:42:43 | 000,252,416 | ---- | M] () -- C:\App\Winamp\Plugins\in_vorbis.dll
MOD - [2011.08.15 12:42:43 | 000,165,376 | ---- | M] () -- C:\App\Winamp\Plugins\in_mod.dll
MOD - [2011.08.15 12:42:43 | 000,109,568 | ---- | M] () -- C:\App\Winamp\Plugins\in_midi.dll
MOD - [2011.08.15 12:42:43 | 000,102,400 | ---- | M] () -- C:\App\Winamp\Plugins\in_cdda.dll
MOD - [2011.08.15 12:42:43 | 000,060,928 | ---- | M] () -- C:\App\Winamp\Plugins\in_flac.dll
MOD - [2011.08.15 12:42:43 | 000,050,688 | ---- | M] () -- C:\App\Winamp\Plugins\in_mp4.dll
MOD - [2011.08.15 12:42:43 | 000,016,896 | ---- | M] () -- C:\App\Winamp\Plugins\in_wave.dll
MOD - [2011.08.15 12:42:42 | 000,869,376 | ---- | M] () -- C:\App\Winamp\Plugins\gen_dropbox.dll
MOD - [2011.08.15 12:42:42 | 000,410,624 | ---- | M] () -- C:\App\Winamp\nsutil.dll
MOD - [2011.08.15 12:42:42 | 000,253,440 | ---- | M] () -- C:\App\Winamp\libsndfile.dll
MOD - [2011.08.15 12:42:42 | 000,183,808 | ---- | M] () -- C:\App\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.08.15 12:42:42 | 000,078,848 | ---- | M] () -- C:\App\Winamp\nde.dll
MOD - [2011.08.15 12:42:42 | 000,027,648 | ---- | M] () -- C:\App\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011.08.15 12:42:42 | 000,025,600 | ---- | M] () -- C:\App\Winamp\Plugins\gen_tray.dll
MOD - [2009.08.16 17:06:04 | 000,141,312 | ---- | M] () -- C:\App\WinRAR\RarExt32.dll
MOD - [2009.02.02 17:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2008.07.29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2008.03.30 16:22:42 | 000,070,144 | ---- | M] () -- C:\App\PSPad\PSPadShell.dll
MOD - [2001.02.28 09:33:20 | 001,019,959 | ---- | M] () -- C:\App\Salamander\salamand.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.08.19 06:40:12 | 000,796,192 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009.08.11 16:59:38 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009.07.14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012.01.19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Disabled | Running] -- C:\App\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.11.03 19:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.09.23 20:20:22 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011.09.23 20:19:46 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011.09.23 20:19:38 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011.09.23 19:21:12 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2011.06.24 20:17:25 | 000,123,120 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\App\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2011.03.09 15:03:16 | 000,574,736 | ---- | M] (Zend Technologies Ltd.) [Auto | Stopped] -- C:\WWW\Zend\ZendServer\bin\ZendSessionManager.exe -- (ZendSessionClustering)
SRV - [2011.03.09 15:03:12 | 000,338,704 | ---- | M] (Zend Technologies Ltd.) [Auto | Stopped] -- C:\WWW\Zend\ZendServer\bin\MonitorNode.exe -- (ZendMonitor)
SRV - [2011.03.09 15:03:10 | 000,556,816 | ---- | M] (Zend Technologies Ltd.) [Auto | Stopped] -- C:\WWW\Zend\ZendServer\bin\jqd.exe -- (ZendJobQueue)
SRV - [2011.03.09 15:03:10 | 000,022,800 | ---- | M] (Zend Technologies Ltd.) [Auto | Stopped] -- C:\WWW\Zend\ZendServer\bin\JavaServer.exe -- (ZendJavaBridge)
SRV - [2011.03.09 15:03:06 | 000,026,496 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\WWW\Zend\Apache2\bin\httpd.exe -- (Apache2.2-Zend)
SRV - [2010.08.19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010.08.12 23:08:04 | 006,094,848 | ---- | M] () [Auto | Stopped] -- C:\WWW\Zend\MySQL51\bin\mysqld.exe -- (MySQL_ZendServer51)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009.11.16 09:12:56 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\App\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\App\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV - [2009.09.22 21:04:32 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.28 07:45:38 | 003,450,368 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009.08.07 13:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.08.06 18:18:54 | 000,311,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.07.14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.07.10 10:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.04 00:33:36 | 000,038,688 | ---- | M] (International Business Machines Corporation) [Auto | Running] -- C:\Program Files (x86)\IBM\SQLLIB\BIN\db2mgmtsvc.exe -- (DB2MGMTSVC_DB2COPY1) DB2 Management Service (DB2COPY1)
SRV - [2009.03.25 13:46:38 | 000,376,192 | ---- | M] () [Auto | Stopped] -- C:\App\Vivotek Inc\ST7501\Server\ST7501_UranusWatchDog.exe -- (ST7501 Uranus Watch Dog)
SRV - [2007.06.16 03:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.11.25 00:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011.09.23 20:21:08 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011.09.23 20:20:54 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011.09.23 20:19:16 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011.09.23 20:19:06 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011.09.23 19:21:06 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.09.23 16:58:32 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011.09.23 16:58:32 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2011.09.23 16:58:32 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011.05.27 20:01:12 | 000,046,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kinectcamera.sys -- (KinectCamera)
DRV:64bit: - [2011.01.04 16:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2011.01.03 10:38:36 | 000,177,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.01.03 10:38:36 | 000,157,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.01.03 10:38:36 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010.12.21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.12.21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010.12.21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010.12.21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.12.16 09:23:14 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.10.25 10:10:22 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.06.21 23:07:36 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2010.02.26 13:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010.02.26 13:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.02.26 13:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.02.26 13:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010.02.22 09:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2010.01.08 08:13:12 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010.01.06 16:33:40 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.06 16:33:40 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.01.06 16:33:40 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.01.06 16:33:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.12.18 15:02:26 | 000,169,080 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2009.12.18 15:02:26 | 000,044,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2009.12.09 19:20:41 | 000,029,184 | ---- | M] (Egistec) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV:64bit: - [2009.12.09 19:14:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.16 09:03:42 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.11.16 08:56:16 | 000,145,336 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009.08.24 13:10:40 | 000,022,640 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2009.08.14 15:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.08.07 13:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.01 05:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.06.24 22:03:24 | 000,048,128 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.07 08:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.06.02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.22 13:43:08 | 000,625,152 | ---- | M] (LiteOn) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)
DRV:64bit: - [2009.05.18 07:23:42 | 000,143,320 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009.05.14 01:51:40 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.05.05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.02.13 12:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2009.02.12 14:11:26 | 000,026,024 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dddskx64.sys -- (ElRawDisk)
DRV:64bit: - [2008.03.13 06:51:00 | 000,068,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2008.03.13 06:49:36 | 000,084,288 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2007.06.27 18:31:24 | 000,054,272 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Axtmvmdm.sys -- (Axtmvmdm)
DRV:64bit: - [2007.06.27 18:31:24 | 000,052,224 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Axtmvprt.sys -- (Axtmvprt)
DRV:64bit: - [2007.06.27 18:31:24 | 000,006,144 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Axtmvflt.sys -- (Axtmvflt)
DRV - [2010.08.19 13:56:38 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2009.12.30 11:23:24 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2009.10.21 13:04:22 | 000,028,160 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
DRV - [2009.09.02 19:52:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/12/09 19:25:39] [Kernel | Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.02.20 18:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\cdrbsdrv.sys -- (cdrbsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4842y265
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: yslow@yahoo-inc.com:2.1.0
FF - prefs.js..extensions.enabledItems: trexma@twofourone.blogspot.com:0.8.6
FF - prefs.js..extensions.enabledItems: {3c9761ad-a43d-4447-b924-f5d83cb48063}:2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.4&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\App\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin: C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\App\Sony\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf\1.0.3.148_0\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\stoupa\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\stoupa\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3c9761ad-a43d-4447-b924-f5d83cb48063}: C:\App\Zend\Zend Studio - 8.0.0\toolbars\firefox [2010.12.16 14:07:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.02 11:20:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\App\Mozilla Firefox\components [2012.01.26 11:55:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\App\Mozilla Firefox\plugins [2012.01.19 11:17:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\App\Mozilla Thunderbird\components [2011.12.02 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\App\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\App\Mozilla Thunderbird\components [2011.12.02 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\App\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Components: C:\App\Mozilla Thunderbird\components [2011.12.02 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Plugins: C:\App\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\App\Mozilla Thunderbird\components [2011.12.02 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\App\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\App\Mozilla Thunderbird\components [2011.12.02 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\App\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\App\Mozilla Thunderbird\components [2011.12.02 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\App\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\App\Mozilla Thunderbird\components [2011.12.02 11:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\App\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\App\ESET\ESET Smart Security\Mozilla Thunderbird [2010.01.26 12:53:42 | 000,000,000 | ---D | M]

[2009.12.10 07:15:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stoupa\AppData\Roaming\Mozilla\Extensions
[2009.12.10 07:15:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stoupa\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.01.26 15:34:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\extensions
[2012.01.26 15:34:53 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.01.23 17:28:43 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\extensions\foxmarks@kei.com
[2012.01.23 17:26:15 | 000,000,000 | ---D | M] (trexma) -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\extensions\trexma@twofourone.blogspot.com
[2012.01.23 12:38:53 | 000,000,950 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin-1.xml
[2010.12.09 11:35:33 | 000,000,950 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin-2.xml
[2010.12.28 12:17:41 | 000,000,950 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin-3.xml
[2010.08.20 12:39:18 | 000,001,056 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin.xml
() (No name found) -- C:\USERS\STOUPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XK82R5PH.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\USERS\STOUPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XK82R5PH.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
() (No name found) -- C:\USERS\STOUPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XK82R5PH.DEFAULT\EXTENSIONS\RPNCALCBAR@DOMBONJ.XPI
() (No name found) -- C:\USERS\STOUPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XK82R5PH.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\stoupa\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\App\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\App\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\App\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\App\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\App\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\App\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\App\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\App\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\App\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\App\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\App\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\App\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\stoupa\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\stoupa\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf\1.0.3.148_0\npsoe.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\App\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Media Go Detector (Enabled) = C:\App\Sony\npmediago.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
CHR - plugin: Loki Plugin (Enabled) = C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Xmarks Bookmark Sync = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.17_0\
CHR - Extension: YouTube = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Firebug Lite = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbbfjbeaefgipfjpdabmpadaacmafkj\1.27\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: SOE Web Installer = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf\1.0.3.148_0\
CHR - Extension: YouTube Downloader = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapjkciegccccojledkpnfgchdkjemec\1.7_0\
CHR - Extension: Fast YouTube Search = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggkljdkflooidjlkahdnfgodflkelkai\1.2\
CHR - Extension: Send to Kindle = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\2.6.3.3_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: TM new showprofile = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcfgiokokcmclnmghadckabnlacjean\1.0_0\
CHR - Extension: Gmail = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: TED Video Download = C:\Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponobohemjmcfbdcjghajlmkenceogaa\1.3_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\App\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TortoiseHgOverlayIconServer] C:\App\TortoiseHg\TortoiseHgOverlayServer.exe ()
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files (x86)\VMware\VMware Player\hqtray.exe (VMware, Inc.)
O4 - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000..\Run: [T-Mobile Communication Centre] C:\App\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - Startup: C:\Users\stoupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\stoupa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} http://192.168.10.73/RtspVaPgDec.cab (RtspVaPgCtrlNew Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} http://cam2.nix.cz/plugin/h263ctrl.cab (VaPgCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DAC2B3F-3FA0-4E4F-BED8-4F736289FD79}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

Re: Prosim o preventivku NB

Napsal: 28 led 2012 09:00
od stoupa101
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - C:\Windows\SysWow64\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.25 11:42:54 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.25 11:24:58 | 000,000,000 | ---D | C] -- C:\Users\stoupa\AppData\Roaming\TeamViewer
[2012.01.24 11:42:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.01.23 11:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2009.09.08 04:44:51 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2031.01.09 19:10:16 | 000,969,941 | ---- | M] () -- C:\Users\stoupa\Documents\Img00023.jpg
[2012.01.28 07:44:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.28 07:37:44 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000UA.job
[2012.01.28 07:37:43 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.28 07:36:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.27 17:05:55 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.27 16:53:09 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000Core.job
[2012.01.27 15:27:30 | 001,454,016 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.27 15:27:30 | 000,625,562 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.27 15:27:30 | 000,610,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.27 15:27:30 | 000,120,238 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.27 15:27:30 | 000,104,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.25 21:58:40 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.25 21:58:40 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.25 21:55:28 | 000,002,408 | ---- | M] () -- C:\Users\stoupa\Desktop\Google Chrome.lnk
[2012.01.25 21:49:50 | 1601,622,016 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.25 16:27:35 | 000,000,091 | ---- | M] () -- C:\Users\stoupa\.vpsuite_installation.xml
[2012.01.25 11:27:49 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.01.24 11:43:39 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.24 10:51:34 | 000,000,600 | ---- | M] () -- C:\Users\stoupa\AppData\Local\PUTTY.RND
[2012.01.23 11:35:51 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.27 14:36:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.25 11:27:50 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012.01.25 11:27:49 | 000,001,054 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.01.23 11:35:51 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2012.01.23 11:35:51 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.11.30 16:40:26 | 000,000,096 | ---- | C] () -- C:\ProgramData\xlink.sys
[2011.11.30 16:40:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\ntUsrrIP_1_0.dll
[2011.11.30 16:32:46 | 000,000,031 | ---- | C] () -- C:\Windows\SysWow64\wiswndowsp32.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.12 11:56:49 | 000,000,035 | ---- | C] () -- C:\Windows\A5W.INI
[2011.05.19 11:53:57 | 000,000,413 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.05.10 14:03:17 | 000,014,848 | ---- | C] () -- C:\Users\stoupa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.10 14:02:01 | 000,007,680 | ---- | C] () -- C:\Users\stoupa\AppData\Roaming\JJStateData.dat
[2011.05.10 14:02:01 | 000,007,680 | ---- | C] () -- C:\Users\stoupa\AppData\Local\JJStateData.dat
[2011.05.10 13:21:58 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.19 23:28:47 | 000,000,507 | ---- | C] () -- C:\Windows\wininit.ini
[2011.01.04 16:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.01.04 16:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.01.04 16:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.01.04 16:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010.10.15 09:13:04 | 000,000,013 | ---- | C] () -- C:\Windows\TEXTware.ini
[2010.10.13 18:47:17 | 000,000,043 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.10.07 14:01:38 | 000,008,704 | ---- | C] () -- C:\Windows\SysWow64\BHARegister.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.06.24 16:19:53 | 000,000,142 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.06.24 16:13:35 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\K8D.dll
[2010.06.24 16:13:35 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FASTTime32.dll
[2010.06.24 16:13:34 | 000,227,840 | ---- | C] () -- C:\Windows\SysWow64\K8E.exe
[2010.05.18 12:11:04 | 000,007,620 | ---- | C] () -- C:\Users\stoupa\AppData\Local\Resmon.ResmonCfg
[2010.05.17 10:43:17 | 000,000,195 | ---- | C] () -- C:\Windows\MibBrowser.INI
[2010.02.12 16:27:41 | 000,000,012 | ---- | C] () -- C:\Windows\pspvc_path.ini
[2010.01.14 10:03:17 | 000,022,152 | ---- | C] () -- C:\Windows\SysWow64\driver-flasher-3.5.exe
[2009.12.21 20:18:08 | 000,000,437 | ---- | C] () -- C:\Windows\SysWow64\gmsblist.dll
[2009.12.14 13:45:10 | 001,496,946 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.12.10 12:36:10 | 000,000,600 | ---- | C] () -- C:\Users\stoupa\AppData\Local\PUTTY.RND
[2009.12.10 00:08:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.12.09 20:53:23 | 000,000,000 | ---- | C] () -- C:\Users\stoupa\AppData\Roaming\wklnhst.dat
[2009.12.09 19:24:28 | 000,000,600 | ---- | C] () -- C:\Users\stoupa\AppData\Roaming\winscp.rnd
[2009.12.09 19:04:03 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.12.09 19:04:03 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009.12.09 19:04:03 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2009.12.09 19:04:03 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009.11.27 20:49:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.01.23 13:11:20 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\QFClient2.dll
[2002.03.21 14:39:02 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\UNACEV2.DLL

========== LOP Check ==========

[2010.12.24 21:21:13 | 000,000,000 | ---D | M] -- C:\Users\hanka\AppData\Roaming\ESET
[2010.12.24 21:18:31 | 000,000,000 | ---D | M] -- C:\Users\hanka\AppData\Roaming\PC Suite
[2010.06.22 11:03:01 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\.purple
[2011.05.04 14:43:28 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Ashampoo
[2011.06.24 06:42:04 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\calibre
[2010.06.01 13:45:27 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Clonk
[2011.12.15 15:48:27 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Copernic
[2010.08.25 15:40:02 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\DAEMON Tools Lite
[2012.01.25 21:53:07 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Dropbox
[2012.01.19 12:29:59 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Electronic Arts
[2010.01.26 12:54:51 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ESET
[2011.01.28 17:38:57 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\EVEMon
[2011.04.27 13:54:18 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\FileZilla
[2010.01.12 09:26:21 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\GHISLER
[2009.12.22 15:08:17 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\gsak
[2012.01.26 11:46:13 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ICQ
[2009.12.17 15:42:59 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ID3-TagIT 3
[2011.01.12 00:18:06 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\LangSoft
[2009.12.17 16:06:48 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Mp3tag
[2009.12.11 22:18:28 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\MySQL
[2010.03.24 15:19:23 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Nokia
[2010.10.15 09:41:41 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\oald8
[2011.08.15 12:15:50 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\OnLive App
[2010.02.07 14:01:39 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\OpenOffice.org
[2011.04.13 14:37:57 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Opera
[2010.10.15 09:13:48 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Oxford
[2010.03.24 15:18:37 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\PC Suite
[2009.12.25 18:53:53 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\PowerCinema
[2010.03.15 07:54:24 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ProfitUI Reborn Updater
[2010.09.08 13:35:59 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\QuidoCX
[2012.01.25 16:04:24 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\RIFT
[2011.08.18 15:41:53 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Samsung
[2011.04.04 15:13:24 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\SmartDraw
[2011.12.23 12:12:11 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\SoftDMA
[2011.02.19 23:25:54 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Sony
[2010.02.10 13:04:44 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Sony Setup
[2011.05.25 15:46:23 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Subversion
[2012.01.25 11:30:12 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\TeamViewer
[2012.01.15 15:34:01 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Temp
[2009.12.10 07:15:18 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Thunderbird
[2012.01.27 14:09:43 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\uTorrent
[2010.11.11 16:50:30 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\VitySoft
[2010.09.30 06:42:11 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Vogat Interactive
[2010.09.08 13:58:34 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Wireshark
[2009.12.10 01:42:12 | 000,000,000 | ---D | M] -- C:\Users\stoupa101\AppData\Roaming\Sports Interactive
[2012.01.19 11:09:53 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< netsvc >


< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c40714d5b04af66acd1cc52cc6d573d2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c40714d5b04af66acd1cc52cc6d573d2\*.tmp -> ]
[6056 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.06.22 11:03:01 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\.purple
[2011.07.18 12:13:30 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Adobe
[2011.12.06 16:25:44 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Apple Computer
[2011.05.04 14:43:28 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Ashampoo
[2011.06.24 06:42:04 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\calibre
[2010.06.01 13:45:27 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Clonk
[2011.12.15 15:48:27 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Copernic
[2009.12.12 14:27:10 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\CyberLink
[2010.08.25 15:40:02 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\DAEMON Tools Lite
[2012.01.25 21:53:07 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Dropbox
[2012.01.19 12:29:59 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Electronic Arts
[2010.01.26 12:54:51 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ESET
[2011.01.28 17:38:57 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\EVEMon
[2011.04.27 13:54:18 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\FileZilla
[2010.01.12 09:26:21 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\GHISLER
[2009.12.09 18:57:43 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Google
[2009.12.22 15:08:17 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\gsak
[2012.01.26 11:46:13 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ICQ
[2009.12.17 15:42:59 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ID3-TagIT 3
[2009.12.09 18:55:21 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Identities
[2009.12.09 19:03:43 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\InstallShield
[2010.12.24 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Intelli-studio
[2011.01.12 00:18:06 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\LangSoft
[2009.12.09 18:55:58 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Macromedia
[2011.02.21 08:57:27 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Malwarebytes
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Media Center Programs
[2011.03.13 10:48:14 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Media Player Classic
[2011.11.01 11:35:09 | 000,000,000 | --SD | M] -- C:\Users\stoupa\AppData\Roaming\Microsoft
[2011.06.20 16:03:04 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Mozilla
[2009.12.17 16:06:48 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Mp3tag
[2009.12.11 22:18:28 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\MySQL
[2011.12.22 13:33:08 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Nero
[2010.03.24 15:19:23 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Nokia
[2010.08.18 08:50:37 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\NVIDIA
[2010.10.15 09:41:41 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\oald8
[2011.08.15 12:15:50 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\OnLive App
[2010.02.07 14:01:39 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\OpenOffice.org
[2011.04.13 14:37:57 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Opera
[2010.10.15 09:13:48 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Oxford
[2010.03.24 15:18:37 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\PC Suite
[2009.12.25 18:53:53 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\PowerCinema
[2010.03.15 07:54:24 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\ProfitUI Reborn Updater
[2011.01.12 00:18:08 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\PSpad
[2010.09.08 13:35:59 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\QuidoCX
[2011.12.02 11:20:23 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Real
[2012.01.25 16:04:24 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\RIFT
[2011.08.18 15:41:53 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Samsung
[2010.07.02 06:59:03 | 000,000,000 | RH-D | M] -- C:\Users\stoupa\AppData\Roaming\SecuROM
[2012.01.28 08:11:51 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Skype
[2011.07.22 09:50:37 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\skypePM
[2011.04.04 15:13:24 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\SmartDraw
[2011.12.23 12:12:11 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\SoftDMA
[2011.02.19 23:25:54 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Sony
[2010.02.10 13:04:44 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Sony Setup
[2011.05.25 15:46:23 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Subversion
[2009.12.10 12:27:38 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Talkback
[2012.01.25 11:30:12 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\TeamViewer
[2012.01.15 15:34:01 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Temp
[2009.12.10 07:15:18 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Thunderbird
[2012.01.25 21:53:02 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\TortoiseHg
[2010.01.04 07:42:45 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\UltraVNC
[2012.01.27 14:09:43 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\uTorrent
[2010.01.03 19:51:55 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Ventrilo
[2010.11.11 16:50:30 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\VitySoft
[2012.01.26 12:03:46 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\VMware
[2010.09.30 06:42:11 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Vogat Interactive
[2012.01.10 15:58:13 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Winamp
[2009.12.10 20:50:01 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\WinRAR
[2010.09.08 13:58:34 | 000,000,000 | ---D | M] -- C:\Users\stoupa\AppData\Roaming\Wireshark

< %APPDATA%\*.exe /s >
[2011.12.05 20:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\stoupa\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011.12.05 20:17:50 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\stoupa\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2010.12.24 21:50:48 | 019,474,216 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Intelli-studio\iUpdate.exe
[2011.12.19 12:52:54 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\stoupa\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.09.30 14:25:53 | 000,010,134 | R--- | M] () -- C:\Users\stoupa\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2011.01.12 18:09:16 | 000,004,334 | R--- | M] () -- C:\Users\stoupa\AppData\Roaming\Microsoft\Installer\{402F8EF6-D4F8-4E0C-B572-99D318A06FC7}\_37c74887.exe
[2011.01.12 18:09:16 | 000,004,334 | R--- | M] () -- C:\Users\stoupa\AppData\Roaming\Microsoft\Installer\{402F8EF6-D4F8-4E0C-B572-99D318A06FC7}\_682b7484.exe
[2011.11.29 12:06:43 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\stoupa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\rnupgagent.exe
[2011.11.22 11:31:51 | 026,927,552 | ---- | M] (RealNetworks, Inc.) -- C:\Users\stoupa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_data\RealPlayer.exe
[2011.11.22 11:31:30 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Users\stoupa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_exe\RealPlayer.exe
[2012.01.15 15:00:31 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x64.exe
[2011.07.26 19:23:14 | 000,958,352 | ---- | M] (Samsung) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.07.26 19:23:16 | 000,278,928 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.07.26 16:27:50 | 000,286,720 | ---- | M] (Samsung) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe
[2011.07.26 19:23:16 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.07.26 16:27:16 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2011.07.26 16:27:16 | 000,284,160 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.07.26 16:27:18 | 000,666,112 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.07.26 19:23:20 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.07.26 16:27:06 | 000,106,408 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.07.26 16:27:06 | 000,101,288 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.07.26 19:23:22 | 000,131,984 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.07.26 19:23:24 | 000,020,880 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.07.26 19:23:26 | 004,661,464 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.07.26 16:26:44 | 024,100,248 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.07.26 19:23:28 | 000,362,384 | ---- | M] (ml) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\temp\Kies.Update.exe
[2012.01.04 07:07:42 | 000,371,088 | ---- | M] (ml) -- C:\Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.01.27 17:05:55 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.01.28 07:59:05 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.01.27 16:53:09 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000Core.job
[2012.01.28 07:53:06 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2009.12.09 20:51:53 | 000,001,524 | ---- | M] () -- C:\Users\stoupa\Desktop\Acer Crystal Eye Webcam.lnk
[2010.11.02 21:19:31 | 000,001,934 | ---- | M] () -- C:\Users\stoupa\Desktop\Bloodline of the Fallen - Anna's Sacrifice.lnk
[2009.12.09 22:11:24 | 000,001,230 | ---- | M] () -- C:\Users\stoupa\Desktop\Calculator.lnk
[2011.02.22 20:04:07 | 000,000,700 | ---- | M] () -- C:\Users\stoupa\Desktop\CCleaner.lnk
[2011.03.21 16:05:53 | 000,000,140 | ---- | M] () -- C:\Users\stoupa\Desktop\chill.pls
[2010.09.26 15:34:56 | 000,001,270 | ---- | M] () -- C:\Users\stoupa\Desktop\CivilizationV – zástupce.lnk
[2010.10.14 18:05:17 | 000,001,829 | ---- | M] () -- C:\Users\stoupa\Desktop\Columbus - Ghost of the Mystery Stone.lnk
[2011.02.08 08:47:15 | 000,000,654 | ---- | M] () -- C:\Users\stoupa\Desktop\Comical.lnk
[2011.06.27 11:43:42 | 000,000,834 | -HS- | M] () -- C:\Users\stoupa\Desktop\desktop.ini
[2010.10.13 18:45:37 | 000,000,728 | ---- | M] () -- C:\Users\stoupa\Desktop\DicMan.lnk
[2010.08.26 12:03:43 | 000,000,826 | ---- | M] () -- C:\Users\stoupa\Desktop\DjView.lnk
[2012.01.18 07:56:59 | 000,001,042 | ---- | M] () -- C:\Users\stoupa\Desktop\Dropbox.lnk
[2011.07.22 21:43:58 | 002,143,778 | ---- | M] () -- C:\Users\stoupa\Desktop\DSCF3282.JPG
[2010.06.02 11:51:06 | 000,000,744 | ---- | M] () -- C:\Users\stoupa\Desktop\Edraw UML Diagram.lnk
[2011.02.10 23:55:42 | 860,941,932 | ---- | M] () -- C:\Users\stoupa\Desktop\euroix_film.mov
[2009.10.13 11:14:52 | 000,005,386 | ---- | M] () -- C:\Users\stoupa\Desktop\euroix_film.txt
[2010.02.23 19:09:35 | 000,001,093 | ---- | M] () -- C:\Users\stoupa\Desktop\EverQuest2 – zástupce.lnk
[2010.01.27 15:24:05 | 000,000,728 | ---- | M] () -- C:\Users\stoupa\Desktop\Free Ape Player.lnk
[2012.01.25 21:55:28 | 000,002,408 | ---- | M] () -- C:\Users\stoupa\Desktop\Google Chrome.lnk
[2010.10.14 09:41:05 | 000,001,791 | ---- | M] () -- C:\Users\stoupa\Desktop\googleearth – zástupce.lnk
[2011.04.20 10:12:30 | 000,000,490 | ---- | M] () -- C:\Users\stoupa\Desktop\history.xml
[2010.08.19 06:48:08 | 000,001,798 | ---- | M] () -- C:\Users\stoupa\Desktop\Installation Wizard 2.lnk
[2010.09.09 16:16:02 | 000,000,698 | ---- | M] () -- C:\Users\stoupa\Desktop\JustCause2 – zástupce.lnk
[2011.01.12 18:09:16 | 000,002,913 | ---- | M] () -- C:\Users\stoupa\Desktop\Language Lab Demo.lnk
[2010.08.25 19:12:18 | 000,001,082 | ---- | M] () -- C:\Users\stoupa\Desktop\mafia2 – zástupce.lnk
[2011.02.14 07:49:52 | 000,002,620 | ---- | M] () -- C:\Users\stoupa\Desktop\Magic The Gathering Tactics.lnk
[2010.05.17 11:23:52 | 000,001,965 | ---- | M] () -- C:\Users\stoupa\Desktop\MIB Browser.lnk
[2011.05.19 12:51:18 | 000,001,684 | ---- | M] () -- C:\Users\stoupa\Desktop\Mozilla Thunderbird.lnk
[2009.07.28 11:48:50 | 002,244,518 | ---- | M] () -- C:\Users\stoupa\Desktop\naty.jpg
[2010.10.13 18:45:37 | 000,000,728 | ---- | M] () -- C:\Users\stoupa\Desktop\PC Translator 2010.lnk
[2010.06.30 08:01:43 | 000,000,712 | ---- | M] () -- C:\Users\stoupa\Desktop\Perpetuum.lnk
[2011.06.02 12:48:36 | 000,000,134 | ---- | M] () -- C:\Users\stoupa\Desktop\Poradce při potížích s aplikací Internet Explorer.url
[2010.02.23 16:07:39 | 000,002,041 | ---- | M] () -- C:\Users\stoupa\Desktop\ProfitUI Reborn Updater.lnk
[2010.02.12 16:27:54 | 000,000,810 | ---- | M] () -- C:\Users\stoupa\Desktop\PSP Video Converter.lnk
[2010.02.12 16:27:54 | 000,000,859 | ---- | M] () -- C:\Users\stoupa\Desktop\PSPVC (Server).lnk
[2010.10.04 07:01:23 | 000,000,806 | ---- | M] () -- C:\Users\stoupa\Desktop\RapidShare Manager.lnk
[2011.07.20 14:43:28 | 000,000,862 | ---- | M] () -- C:\Users\stoupa\Desktop\Sample Skeletal Viewer.lnk
[2010.09.22 17:30:22 | 000,001,555 | ---- | M] () -- C:\Users\stoupa\Desktop\SBMonopoly – zástupce.lnk
[2010.10.13 18:45:37 | 000,000,728 | ---- | M] () -- C:\Users\stoupa\Desktop\Slovník.lnk
[2011.04.04 13:37:35 | 000,000,693 | ---- | M] () -- C:\Users\stoupa\Desktop\SmartDraw VP.lnk
[2010.01.12 09:26:23 | 000,000,726 | ---- | M] () -- C:\Users\stoupa\Desktop\Total Commander.lnk
[2010.01.04 07:41:23 | 000,000,656 | ---- | M] () -- C:\Users\stoupa\Desktop\UltraVNC Server.lnk
[2010.01.04 07:41:24 | 000,000,673 | ---- | M] () -- C:\Users\stoupa\Desktop\UltraVNC Viewer.lnk
[2011.05.10 14:38:18 | 000,170,100 | ---- | M] () -- C:\Users\stoupa\Desktop\X_38.jpg

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2010.10.20 01:16:22 | 000,786,476 | ---- | M] () -- \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\particles\cha_fidget_colossus_crack.tga
[2010.10.20 01:16:23 | 000,786,476 | ---- | M] () -- \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\particles\eff_animals_crackedearth.tga
[2010.10.20 01:16:59 | 000,496,667 | ---- | M] () -- \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\pssg\props\plains_manaDeviceCracked.PSSG.gz

< *keygen* /s >
[2009.04.09 00:31:58 | 000,015,784 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\spec\RSAKeyGenParameterSpec.html
[2009.04.09 00:29:44 | 000,006,397 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\spec\class-use\RSAKeyGenParameterSpec.html
[2009.04.09 00:32:10 | 000,026,617 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\KeyGenerator.html
[2009.04.09 00:28:22 | 000,013,948 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\KeyGeneratorSpi.html
[2009.04.09 00:31:04 | 000,008,837 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\class-use\KeyGenerator.html
[2009.04.09 00:27:42 | 000,007,553 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\class-use\KeyGeneratorSpi.html
[2009.04.09 00:31:10 | 000,015,083 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\spec\RSAKeyGenParameterSpec.html
[2009.04.09 00:28:18 | 000,005,914 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\spec\class-use\RSAKeyGenParameterSpec.html

Re: Prosim o preventivku NB

Napsal: 28 led 2012 09:02
od stoupa101
< *loader* /s >
[2006.09.26 14:00:54 | 000,049,664 | ---- | M] () -- \App\Edraw UML Diagram\ssloader.e32
[2010.06.28 07:24:27 | 000,005,795 | ---- | M] () -- \App\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.06.28 07:24:27 | 000,005,520 | ---- | M] () -- \App\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.06.28 07:24:28 | 000,004,180 | ---- | M] () -- \App\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.06.28 07:24:27 | 000,005,520 | ---- | M] () -- \App\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.11 12:33:31 | 000,002,886 | ---- | M] () -- \App\ICQ7.2\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.07.12 05:52:22 | 000,000,402 | ---- | M] () -- \App\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.19 13:57:12 | 000,000,402 | ---- | M] () -- \App\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.19 13:57:13 | 000,000,402 | ---- | M] () -- \App\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.06.28 07:26:54 | 000,552,798 | ---- | M] () -- \App\ICQ7.2\Xtraz\icq\theme\game_center\loaderBkg.png
[2011.04.05 11:41:10 | 000,007,664 | ---- | M] () -- \App\Java\jdk1.6.0_24\demo\jvmti\hprof\src\hprof_loader.c
[2011.04.05 11:41:10 | 000,002,141 | ---- | M] () -- \App\Java\jdk1.6.0_24\demo\jvmti\hprof\src\hprof_loader.h
[2011.04.05 11:39:52 | 000,002,941 | ---- | M] () -- \App\Java\jdk1.6.0_24\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2011.04.05 11:39:53 | 000,000,411 | ---- | M] () -- \App\Java\jdk1.6.0_24\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2011.04.05 11:40:06 | 001,138,236 | ---- | M] () -- \App\Java\jdk1.6.0_24\lib\visualvm\platform\modules\org-openide-loaders.jar
[2011.04.05 11:40:03 | 000,007,002 | ---- | M] () -- \App\Java\jdk1.6.0_24\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2011.04.05 11:40:03 | 000,006,658 | ---- | M] () -- \App\Java\jdk1.6.0_24\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2011.04.05 11:40:09 | 000,000,456 | ---- | M] () -- \App\Java\jdk1.6.0_24\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2011.04.08 02:30:00 | 000,000,483 | ---- | M] () -- \App\NetBeans 7.0\enterprise\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2011.05.18 11:24:47 | 002,743,880 | ---- | M] () -- \App\NetBeans 7.0\enterprise\modules\org-netbeans-modules-j2ee-ddloaders.jar
[2011.05.18 11:24:18 | 000,033,680 | ---- | M] () -- \App\NetBeans 7.0\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_ja.jar
[2011.05.18 11:24:15 | 000,031,129 | ---- | M] () -- \App\NetBeans 7.0\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_pt_BR.jar
[2011.05.18 11:24:18 | 000,036,025 | ---- | M] () -- \App\NetBeans 7.0\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_ru.jar
[2011.05.18 11:24:15 | 000,032,362 | ---- | M] () -- \App\NetBeans 7.0\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_zh_CN.jar
[2011.05.18 11:25:26 | 000,000,432 | ---- | M] () -- \App\NetBeans 7.0\enterprise\update_tracking\org-netbeans-modules-j2ee-ddloaders.xml
[2011.04.08 02:30:01 | 000,000,484 | ---- | M] () -- \App\NetBeans 7.0\ergonomics\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2011.04.08 02:30:11 | 000,019,348 | ---- | M] () -- \App\NetBeans 7.0\javacard\JCDK3.0.2_ConnectedEdition\docs\api\spi\com\sun\javacard\spi\cardmgmt\DeploymentUnitLoader.html
[2009.04.09 00:30:54 | 000,004,261 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\apps\SVGDemo\src\com\sun\perseus\demo\ImageLoader.java
[2009.04.09 00:27:28 | 000,075,179 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\lang\ClassLoader.html
[2009.04.09 00:29:26 | 000,025,070 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\lang\class-use\ClassLoader.html
[2009.04.09 00:31:18 | 000,035,485 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\net\URLClassLoader.html
[2009.04.09 00:29:48 | 000,008,749 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\net\class-use\URLClassLoader.html
[2009.04.09 00:27:10 | 000,021,745 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\security\SecureClassLoader.html
[2009.04.09 00:29:42 | 000,007,912 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\security\class-use\SecureClassLoader.html
[2009.04.09 00:31:22 | 000,075,257 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\lang\ClassLoader.html
[2009.04.09 00:27:52 | 000,025,144 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\lang\class-use\ClassLoader.html
[2009.04.09 00:27:30 | 000,035,559 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\net\URLClassLoader.html
[2009.04.09 00:29:28 | 000,008,823 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\net\class-use\URLClassLoader.html
[2009.04.09 00:30:48 | 000,021,827 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\SecureClassLoader.html
[2009.04.09 00:27:10 | 000,007,986 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\class-use\SecureClassLoader.html
[2009.04.09 00:31:58 | 000,073,570 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\lang\ClassLoader.html
[2009.04.09 00:30:02 | 000,027,469 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\lang\class-use\ClassLoader.html
[2009.04.09 00:27:34 | 000,034,597 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\net\URLClassLoader.html
[2009.04.09 00:28:20 | 000,008,293 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\net\class-use\URLClassLoader.html
[2009.04.09 00:28:00 | 000,021,104 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\SecureClassLoader.html
[2009.04.09 00:31:02 | 000,007,466 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\class-use\SecureClassLoader.html
[2011.05.18 11:26:16 | 000,002,977 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\toolkit-lib\process\memory-profiler\code\memprof-loader.jar
[2011.04.08 02:30:16 | 000,002,941 | ---- | M] () -- \App\NetBeans 7.0\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2011.04.08 02:30:16 | 000,000,411 | ---- | M] () -- \App\NetBeans 7.0\platform\config\Modules\org-openide-loaders.xml
[2011.05.18 11:21:04 | 001,322,133 | ---- | M] () -- \App\NetBeans 7.0\platform\modules\org-openide-loaders.jar
[2011.05.18 11:21:00 | 000,007,062 | ---- | M] () -- \App\NetBeans 7.0\platform\modules\locale\org-openide-loaders_ja.jar
[2011.05.18 11:20:58 | 000,006,437 | ---- | M] () -- \App\NetBeans 7.0\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2011.05.18 11:21:00 | 000,007,588 | ---- | M] () -- \App\NetBeans 7.0\platform\modules\locale\org-openide-loaders_ru.jar
[2011.05.18 11:20:58 | 000,006,722 | ---- | M] () -- \App\NetBeans 7.0\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2011.05.18 11:22:32 | 000,000,465 | ---- | M] () -- \App\NetBeans 7.0\platform\update_tracking\org-openide-loaders.xml
[2009.09.16 22:33:50 | 000,006,308 | ---- | M] () -- \App\OpenOffice.org 3\Basis\program\pythonloader.py
[2009.09.16 15:22:08 | 000,022,528 | ---- | M] () -- \App\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2009.09.17 20:12:18 | 000,000,171 | ---- | M] () -- \App\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2009.09.11 16:36:38 | 000,029,696 | ---- | M] () -- \App\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2009.09.16 15:00:48 | 000,003,872 | ---- | M] () -- \App\OpenOffice.org 3\URE\java\unoloader.jar
[2009.11.23 14:18:44 | 000,002,828 | ---- | M] () -- \App\Oxford\OALD8\components\uriloader.xpt
[2007.07.26 17:00:02 | 000,067,584 | ---- | M] () -- \App\Panasonic\HDWRITER\MediaLoader.dll
[2010.06.04 15:49:49 | 000,025,294 | ---- | M] () -- \App\Pidgin\Gtk\bin\gdk-pixbuf-query-loaders.exe
[2010.06.04 15:49:51 | 000,000,543 | ---- | M] () -- \App\Pidgin\Gtk\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.07.12 07:27:27 | 000,029,485 | ---- | M] () -- \App\PostgreSQL\EnterpriseDB-ApachePhp\apache\www\mediaWiki\includes\AutoLoader.php
[2010.07.12 07:27:27 | 000,000,894 | ---- | M] () -- \App\PostgreSQL\EnterpriseDB-ApachePhp\apache\www\mediaWiki\maintenance\checkAutoLoader.php
[2009.10.23 15:41:45 | 012,010,264 | ---- | M] () -- \App\Sony\PSNDownloaderSetup.exe
[2011.02.26 11:46:28 | 000,007,168 | ---- | M] () -- \App\TortoiseHg\_win32sysloader.pyd
[2009.03.25 13:28:28 | 000,045,056 | ---- | M] () -- \App\Vivotek Inc\ST7501\Server\ServerControllerLoader.dll
[2009.03.25 13:28:28 | 000,044,032 | ---- | M] () -- \App\Vivotek Inc\ST7501\Server\ServerUtilityLoader.dll
[2009.08.16 17:05:14 | 000,053,760 | ---- | M] () -- \App\WinRAR\Formats\ace32loader.exe
[2010.02.08 00:44:00 | 000,000,543 | ---- | M] () -- \App\Wireshark\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.05.25 15:46:13 | 000,004,071 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\configuration\org.eclipse.osgi\bundles\666\1\.cp\resources\zend_server\ZendLoader.php
[2010.10.27 20:29:18 | 000,002,973 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.datatools.core_8.0.0.v20100714-1206\com\zend\php\datatools\core\DriversLoader.class
[2010.10.27 20:29:22 | 000,006,229 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.phpunit_8.0.0.v20101001-0100\resources\library\PHPUnit\Runner\StandardTestSuiteLoader.php
[2010.10.27 20:29:22 | 000,002,942 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.phpunit_8.0.0.v20101001-0100\resources\library\PHPUnit\Runner\TestSuiteLoader.php
[2010.10.27 20:29:22 | 000,004,998 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.phpunit_8.0.0.v20101001-0100\resources\library\PHPUnit\Util\Fileloader.php
[2011.05.15 13:09:04 | 000,006,229 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.phpunit_8.0.0.v20110331-1830\resources\library\PHPUnit\Runner\StandardTestSuiteLoader.php
[2011.05.15 13:09:04 | 000,002,942 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.phpunit_8.0.0.v20110331-1830\resources\library\PHPUnit\Runner\TestSuiteLoader.php
[2011.05.15 13:09:04 | 000,004,998 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.phpunit_8.0.0.v20110331-1830\resources\library\PHPUnit\Util\Fileloader.php
[2009.07.07 22:34:40 | 000,002,713 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\org.mozilla.xulrunner.win32.win32.x86_1.9.1.0_v20101025-0100\xulrunner\components\uriloader.xpt
[2009.07.31 17:28:08 | 000,002,865 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Customizations\Generic\Style\Cascade\Media\Standard\Common\Seekbar\ProgramLoader.png
[2009.07.31 17:29:32 | 000,001,019 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\FlvLoader.swf
[2009.07.31 17:29:32 | 000,001,462 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\FlvLoaderResize.swf
[2009.07.31 17:29:36 | 000,010,481 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\KernelCtrl\ImageLoader.kc
[2009.07.31 17:29:36 | 000,003,706 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\KernelCtrl\URLDownloader.kc
[2009.07.31 17:29:36 | 000,003,482 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Widget\langloader.kc
[2009.07.31 17:29:36 | 000,012,741 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Widget\layoutloader.kc
[2009.08.03 22:34:48 | 000,011,710 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\HomeMedia\mm\MediaCtrl\ImageLoader.kc
[2009.08.03 22:34:56 | 000,003,489 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\HomeMedia\widget\langloader.kc
[2009.08.03 22:34:56 | 000,012,539 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\HomeMedia\widget\layoutloader.kc
[2009.10.05 19:15:18 | 000,010,777 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\PlayMovie\mm\MediaCtrl\ImageLoader.kc
[2009.10.05 19:15:22 | 000,003,494 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\PlayMovie\widget\langloader.kc
[2009.10.05 19:15:22 | 000,012,797 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\PlayMovie\widget\layoutloader.kc
[2011.06.18 08:24:14 | 000,044,032 | R--- | M] () -- \Program Files (x86)\Calibre2\DLLs\PyISAPI_loader.dll
[2010.08.23 11:48:47 | 000,000,001 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.05.06 10:31:10 | 000,335,872 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2010.04.19 12:34:16 | 000,131,072 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.05.31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 02:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.04.20 18:33:38 | 006,359,960 | ---- | M] () -- \Program Files (x86)\Sony Media Go Install\PSNDownloaderSetup.exe
[2011.12.02 11:20:00 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.02 11:20:00 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2011.12.02 11:20:00 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.02 11:20:00 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2011.01.15 02:53:51 | 000,131,301 | ---- | M] () -- \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\gfx\campaignPreloader.gfx
[2010.12.08 21:10:53 | 002,796,368 | ---- | M] () -- \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\gfx\preloaderBG.dds
[2012.01.17 04:09:26 | 000,001,849 | ---- | M] () -- \Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\2.6.3.3_0\images\loader-gray.gif
[2012.01.17 04:09:26 | 000,001,849 | ---- | M] () -- \Users\stoupa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\2.6.3.3_0\images\loader-white.gif
[2011.03.02 12:01:59 | 000,002,931 | ---- | M] () -- \Users\stoupa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0QDDVD5A\preloader[1].swf
[2012.01.24 11:41:50 | 000,000,723 | ---- | M] () -- \Users\stoupa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\17EUT7BM\downloaderror[1].js
[2012.01.24 11:41:50 | 000,001,174 | ---- | M] () -- \Users\stoupa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\17EUT7BM\downloader[1].js
[2012.01.04 09:21:22 | 000,003,043 | ---- | M] () -- \Users\stoupa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5H71SXNI\downloader_en_eu[1].htm
[2012.01.24 11:41:20 | 000,007,900 | ---- | M] () -- \Users\stoupa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNTFTU3M\bundleloader[1].js
[2012.01.11 16:34:20 | 000,000,009 | ---- | M] () -- \Users\stoupa\AppData\Local\Temp\ZendLoader.MemoryBase@stoupa@193488477
[15 \Users\stoupa\AppData\Local\Temp\*.tmp files -> \Users\stoupa\AppData\Local\Temp\*.tmp -> ]
[2011.08.16 15:52:36 | 000,000,064 | ---- | M] () -- \Users\stoupa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LZ923GJE\www.kamennyobchod.cz\js\preloader.swf\preloadercookie.sol
[2010.11.12 11:13:58 | 000,000,749 | ---- | M] () -- \Users\stoupa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Downloader.lnk
[2011.07.26 16:39:46 | 000,069,120 | ---- | M] () -- \Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.07.26 19:23:22 | 000,131,984 | ---- | M] () -- \Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.01.15 15:05:48 | 000,028,629 | ---- | M] () -- \Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll.cab
[2012.01.15 15:05:10 | 000,058,835 | ---- | M] () -- \Users\stoupa\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\External\FirmwareUpdate\BinaryLoaderMgr.exe.cab
[2009.12.24 00:57:55 | 000,069,632 | ---- | M] () -- \Users\stoupa\Cryptic\Cryptic Studios\Star Trek Online\Live\PhysXLoader.dll
[2010.12.16 14:34:58 | 000,004,071 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\com.zend.php.core\__language__\a231ab58\ZendLoader.php
[2011.05.25 15:46:13 | 000,004,071 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\com.zend.php.core\__language__\c2ca1c27\ZendLoader.php
[2011.05.25 15:47:54 | 000,011,310 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Loader.php
[2011.05.25 15:46:42 | 000,007,638 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Amf\Parse\TypeLoader.php
[2011.05.25 15:46:42 | 000,002,950 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Application\Module\Autoloader.php
[2011.05.25 15:47:04 | 000,016,892 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Loader\Autoloader.php
[2011.05.25 15:47:04 | 000,014,749 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Loader\PluginLoader.php
[2011.05.25 15:47:28 | 000,010,495 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Search\Lucene\Index\DictionaryLoader.php
[2011.05.25 15:47:45 | 000,004,653 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Tool\Framework\Loader\BasicLoader.php
[2011.05.25 15:47:45 | 000,004,670 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Tool\Framework\Loader\IncludePathLoader.php
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2011.02.05 14:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 14:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 18:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 14:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.01.19 13:19:54 | 000,000,009 | ---- | M] () -- \Windows\Temp\ZendLoader.MemoryBase@SYSTEM@3391924446
[6056 \Windows\Temp\*.tmp files -> \Windows\Temp\*.tmp -> ]
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.12.10 02:29:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.12.10 02:29:58 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.12.10 02:29:58 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.12.10 02:29:58 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.12.10 02:29:58 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.27 07:18:32 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.27 07:18:32 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.27 07:18:32 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.27 07:18:32 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.27 07:18:33 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.12.10 02:26:03 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.03.09 15:05:16 | 000,134,928 | ---- | M] () -- \WWW\Zend\ZendServer\lib\loader\php-5.3.x\ZendLoader.dll

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >
[2009.07.31 10:27:52 | 000,000,750 | ---- | M] () -- \OEM\Preload\Autorun\APP\Arcade Deluxe v3.1\PCinema\Config\CopyRightNoDTS.ini
[2009.07.31 10:27:52 | 000,000,566 | ---- | M] () -- \OEM\Preload\Autorun\APP\Arcade Deluxe v3.1\PCinema\Config\CopyRightNoDTSNoDolby.ini
[2009.07.31 10:27:52 | 000,000,750 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Customizations\Generic\CopyRightNoDTS.ini
[2009.07.31 10:27:52 | 000,000,566 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Customizations\Generic\CopyRightNoDTSNoDolby.ini
[2009.08.03 22:34:16 | 000,000,566 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Customizations\Cyberlink\CopyRightNoDolby.ini
[2011.02.21 12:45:17 | 000,001,005 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\patnodkaz.zip
[2011.02.21 12:45:18 | 000,000,947 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\patnodkaz1.zip
[2011.02.21 12:45:20 | 000,000,797 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\patnodkaz2.zip
[2011.02.21 12:45:25 | 000,000,757 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\patnodkaz3.zip
[2011.02.21 12:45:25 | 000,000,744 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\patnodkaz4.zip
[2011.02.21 12:45:25 | 000,000,817 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\patnodkaz5.zip
[2011.02.21 12:45:17 | 000,001,005 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\patnodkaz.zip
[2011.02.21 12:45:18 | 000,000,947 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\patnodkaz1.zip
[2011.02.21 12:45:20 | 000,000,797 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\patnodkaz2.zip
[2011.02.21 12:45:25 | 000,000,757 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\patnodkaz3.zip
[2011.02.21 12:45:25 | 000,000,744 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\patnodkaz4.zip
[2011.02.21 12:45:25 | 000,000,817 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\patnodkaz5.zip

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >
[2011.06.23 13:01:58 | 000,002,162 | ---- | M] () -- \App\Apache Directory Studio\configuration\org.eclipse.osgi\bundles\26\1\.cp\org\apache\directory\studio\Activator.class
[2010.10.27 20:29:18 | 000,002,299 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.phpdocumentor_8.0.0.v20100906-1700\com\zend\php\phpdocumentor\PHPDocumentorActivator.class
[2010.10.27 20:29:18 | 000,001,640 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.zendserver.core_8.0.0.v20101025-1600\com\zend\php\zendserver\core\Activator.class
[2011.05.15 13:09:04 | 000,001,640 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\com.zend.php.zendserver.core_8.0.0.v20110405-1007\com\zend\php\zendserver\core\Activator.class

< *serial* /s >
[2011.04.05 11:39:33 | 000,039,680 | ---- | M] () -- \App\Java\jdk1.6.0_24\bin\serialver.exe
[2011.04.08 02:30:12 | 000,008,179 | ---- | M] () -- \App\NetBeans 7.0\javacard\JCDK3.0.2_ConnectedEdition\docs\apduio\apduiolib\serialized-form.html
[2009.04.09 00:30:36 | 000,055,991 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\agui10\serialized-form.html
[2009.04.09 00:29:34 | 000,267,165 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\serialized-form.html
[2009.04.09 00:27:30 | 000,013,638 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\io\NotSerializableException.html
[2009.04.09 00:30:48 | 000,012,374 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\io\Serializable.html
[2009.04.09 00:29:44 | 000,016,366 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\io\SerializablePermission.html
[2009.04.09 00:30:16 | 000,006,197 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\io\class-use\NotSerializableException.html
[2009.04.09 00:29:12 | 000,100,040 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\io\class-use\Serializable.html
[2009.04.09 00:28:22 | 000,008,596 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\io\class-use\SerializablePermission.html
[2009.04.09 00:31:40 | 000,301,579 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\serialized-form.html
[2009.04.09 00:27:12 | 000,013,712 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\io\NotSerializableException.html
[2009.04.09 00:31:12 | 000,013,172 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\io\Serializable.html
[2009.04.09 00:29:42 | 000,016,466 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\io\SerializablePermission.html
[2009.04.09 00:28:04 | 000,006,271 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\io\class-use\NotSerializableException.html
[2009.04.09 00:29:48 | 000,122,371 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\io\class-use\Serializable.html
[2009.04.09 00:28:22 | 000,008,670 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\io\class-use\SerializablePermission.html
[2009.04.09 00:28:46 | 000,026,002 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jaas10\serialized-form.html
[2009.04.09 00:28:20 | 000,010,813 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\serialized-form.html
[2009.04.09 00:30:16 | 000,006,910 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jsr135\serialized-form.html
[2009.04.09 00:29:40 | 000,022,806 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jsr172\serialized-form.html
[2009.04.09 00:31:02 | 000,097,949 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jsr177\serialized-form.html
[2009.04.09 00:27:06 | 000,006,234 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jsr211\serialized-form.html
[2009.04.09 00:28:30 | 000,006,337 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jsr239\serialized-form.html
[2009.04.09 00:29:30 | 000,012,641 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\jsse10\serialized-form.html
[2009.04.09 00:28:54 | 000,423,163 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\serialized-form.html
[2009.04.09 00:30:06 | 000,013,101 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\io\NotSerializableException.html
[2009.04.09 00:29:28 | 000,012,548 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\io\Serializable.html
[2009.04.09 00:28:50 | 000,015,796 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\io\SerializablePermission.html
[2009.04.09 00:26:58 | 000,005,788 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\io\class-use\NotSerializableException.html
[2009.04.09 00:28:12 | 000,155,576 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\io\class-use\Serializable.html
[2009.04.09 00:27:56 | 000,008,141 | ---- | M] () -- \App\NetBeans 7.0\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\io\class-use\SerializablePermission.html
[2010.07.12 07:27:26 | 000,000,903 | ---- | M] () -- \App\PostgreSQL\EnterpriseDB-ApachePhp\apache\www\mediaWiki\serialized\serialize-localisation.php
[2010.07.12 07:27:26 | 000,001,710 | ---- | M] () -- \App\PostgreSQL\EnterpriseDB-ApachePhp\apache\www\mediaWiki\serialized\serialize.php
[2010.10.27 21:14:26 | 000,293,198 | ---- | M] () -- \App\Zend\Zend Studio - 8.0.0\plugins\org.apache.xml.serializer_2.7.1.v201005080400.jar
[2010.09.16 23:07:12 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.50917.0\System.Runtime.Serialization.dll
[2010.09.30 06:15:18 | 001,186,816 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.50917.0\System.Runtime.Serialization.ni.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.07.11 14:59:31 | 000,099,640 | ---- | M] () -- \Program Files (x86)\Stardock\Impulse\Sd.Central.Archive.XmlSerializers.dll
[2008.07.11 14:59:33 | 000,255,288 | ---- | M] () -- \Program Files (x86)\Stardock\Impulse\sd.central.cmp.server.XmlSerializers.dll
[2008.07.11 14:59:36 | 000,173,368 | ---- | M] () -- \Program Files (x86)\Stardock\Impulse\Sd.Common.XmlSerializers.dll
[2008.07.11 14:59:38 | 000,083,256 | ---- | M] () -- \Program Files (x86)\Stardock\Impulse\Sd.InstallManager.XmlSerializers.dll
[2008.07.11 14:59:44 | 000,050,488 | ---- | M] () -- \Program Files (x86)\Stardock\Impulse\Sd.Uninstall.XmlSerializers.dll
[2010.05.11 16:10:48 | 000,021,291 | ---- | M] () -- \Program Files (x86)\VMware\VMware Player\help\t_add_serial_port.html
[2010.05.11 16:10:48 | 000,019,047 | ---- | M] () -- \Program Files (x86)\VMware\VMware Player\help\t_configure_serial_port_settings.html
[2010.05.13 11:32:00 | 000,022,986 | ---- | M] () -- \Program Files (x86)\VMware\VMware Player\messages\ja\help\t_add_serial_port.html
[2010.05.13 11:32:00 | 000,020,139 | ---- | M] () -- \Program Files (x86)\VMware\VMware Player\messages\ja\help\t_configure_serial_port_settings.html
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.01.24 11:41:44 | 000,001,193 | ---- | M] () -- \Users\stoupa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YEDIPLCQ\serialize[1].js
[2012.01.03 23:27:30 | 000,004,812 | ---- | M] () -- \Users\stoupa\AppData\Roaming\Thunderbird\Profiles\24frza14.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\calendar-js\calIcsSerializer.js
[2011.05.25 15:47:54 | 000,005,879 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Serializer.php
[2011.05.25 15:46:42 | 000,002,118 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Amf\Parse\Deserializer.php
[2011.05.25 15:46:42 | 000,001,752 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Amf\Parse\Serializer.php
[2011.05.25 15:46:42 | 000,009,398 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Amf\Parse\Amf0\Deserializer.php
[2011.05.25 15:46:42 | 000,013,709 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Amf\Parse\Amf0\Serializer.php
[2011.05.25 15:46:42 | 000,015,623 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Amf\Parse\Amf3\Deserializer.php
[2011.05.25 15:46:42 | 000,018,287 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Amf\Parse\Amf3\Serializer.php
[2011.05.25 15:47:22 | 000,003,916 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Paginator\SerializableLimitIterator.php
[2011.05.25 15:47:34 | 000,002,912 | ---- | M] () -- \Users\stoupa\Zend\workspaces\DefaultWorkspace7\.metadata\.plugins\org.zend.php.framework.resource\resources\ZendFramework-1\library\Zend\Serializer\Adapter\PhpSerialize.php
[2009.12.10 02:29:22 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.12.10 02:29:36 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.11.02 12:23:51 | 000,271,872 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive.#\6582b05f18aa4ebeef4a95f498c0a60d\Sd.Central.Archive.XmlSerializers.ni.dll
[2011.11.02 12:23:53 | 000,463,872 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\Sd.Common.XmlSerial#\acdca461d8cb5ada8d314fafc4e4ebfc\Sd.Common.XmlSerializers.ni.dll
[2011.11.02 10:39:37 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.11.02 12:24:35 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2011.11.02 12:30:26 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\1377c29b871c7eb768769b5f4bdbb15d\System.Runtime.Serialization.ni.dll
[2011.11.02 10:35:17 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.12.10 02:29:07 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.12.10 02:29:07 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.12.10 02:29:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.12.10 02:29:23 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.12.10 02:29:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.12.10 02:29:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011.06.27 07:16:54 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.06.27 07:16:54 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.12.10 02:30:00 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.12.10 02:29:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.12.10 02:27:44 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.12.10 02:29:22 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.12.10 02:29:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.12.10 02:29:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.12.10 02:29:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.12.10 02:29:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"EgisTecLiveUpdate" = "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" -- [2009.08.04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.)
"BackupManagerTray" = "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k -- [2009.09.22 21:04:20 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.)
"LManager" = C:\Program Files (x86)\Launch Manager\LManager.exe -- [2009.08.18 08:38:32 | 000,825,864 | ---- | M] (Dritek System Inc.)
"VitaKeyPdtWzd" = "C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe" -- [2009.08.28 07:45:36 | 003,567,616 | ---- | M] (Egis Technology Inc.)
"ArcadeDeluxeAgent" = "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" -- [2009.10.06 14:18:26 | 000,419,112 | ---- | M] (CyberLink Corp.)
"PlayMovie" = "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" -- [2009.10.05 19:15:10 | 000,181,480 | ---- | M] (Acer Corp.)
"VMware hqtray" = "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe" -- [2011.09.23 20:19:58 | 000,064,112 | ---- | M] (VMware, Inc.)

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"T-Mobile Communication Centre" = "C:\App\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun -- [2011.06.30 12:35:20 | 001,363,984 | ---- | M] (Gemfor s.r.o.)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
"EgisTecLiveUpdate" = "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" -- [2009.08.04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.)
"BackupManagerTray" = "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k -- [2009.09.22 21:04:20 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.)
"LManager" = C:\Program Files (x86)\Launch Manager\LManager.exe -- [2009.08.18 08:38:32 | 000,825,864 | ---- | M] (Dritek System Inc.)
"VitaKeyPdtWzd" = "C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe" -- [2009.08.28 07:45:36 | 003,567,616 | ---- | M] (Egis Technology Inc.)
"ArcadeDeluxeAgent" = "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" -- [2009.10.06 14:18:26 | 000,419,112 | ---- | M] (CyberLink Corp.)
"PlayMovie" = "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" -- [2009.10.05 19:15:10 | 000,181,480 | ---- | M] (Acer Corp.)
"VMware hqtray" = "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe" -- [2011.09.23 20:19:58 | 000,064,112 | ---- | M] (VMware, Inc.)

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.28 07:44:25 | 000,000,512 | ---- | M] () MD5=ECCD9B6864B71336CECCDDA9CDFA6601 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\pssg\props\plains_manaDeviceCracked.PSSG.gz:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\particles\cha_fidget_colossus_crack.tga:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\particles\eff_animals_crackedearth.tga:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\gfx\preloaderBG.dds:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\gfx\campaignPreloader.gfx:crc
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1D32EC29

< End of report >

Re: Prosim o preventivku NB

Napsal: 28 led 2012 09:02
od stoupa101
OTL Extras logfile created on: 28.1.2012 7:41:06 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\tmp
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,31 Gb Available Physical Memory | 15,74% Memory free
4,18 Gb Paging File | 1,72 Gb Available in Paging File | 41,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 331,69 Gb Free Space | 73,68% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 162,79 Gb Free Space | 34,95% Space Free | Partition Type: NTFS

Computer Name: LEGUAN | User Name: stoupa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\App\PSPad\PSPad.exe (Prog-Soft s.r.o.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.txt [@ = txtfile] -- C:\App\PSPad\PSPad.exe (Prog-Soft s.r.o.)

[HKEY_USERS\S-1-5-21-2698489316-4078319972-4006630733-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- C:\Windows\NOTEPAD.EXE (Microsoft Corporation)
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- "C:\App\PSPad\PSPad.exe" "%1" (Prog-Soft s.r.o.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\App\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [RapidShareManagerMail] -- C:\App\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\App\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\App\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\App\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\App\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- "C:\App\PSPad\PSPad.exe" "%1" (Prog-Soft s.r.o.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\App\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [RapidShareManagerMail] -- C:\App\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\App\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\App\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\App\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\App\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24 (64-bit)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5A55A7F-73D6-4D36-85F8-9850635D6895}" = MySQL Server 5.5
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C938DFA9-B943-40A8-9680-02FC4D2E8551}" = ESET Smart Security
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E5267593-3DC9-4854-94E6-4DF672C93751}" = TortoiseHg 2.0.4 (x64)
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"nbi-glassfish-mod-3.1.43.0.0" = GlassFish Server Open Source Edition 3.1
"nbi-nb-base-7.0.0.0.0" = NetBeans IDE 7.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Ultravnc2_is1" = UltraVNC 1.0.8.2
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DF82C0A-38A7-4213-B3D7-9E7179F80065}" = calibre
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1F082EA8-0F22-40CA-9FA8-8F85458026AF}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 29
"{27996809-446F-7261-6C69-6B654C656F6E}" =
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B095022-00FF-45D5-8717-3A20DFCB8C6B}" = RIFT
"{2D3858B1-226A-420D-9C9D-B51864E85429}" = Nuvoton CIR Device Driver
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3EA1D980-ABF5-4D33-A0D4-55E33644E1A7}" = CC3 Update 9
"{402F8EF6-D4F8-4E0C-B572-99D318A06FC7}" = Language Lab Demo
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCD581A-404A-483A-869D-109853007C32}" = HD Writer 2.0E for SX/SD
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5AEE236C-0100-464B-BD2E-883AA70A5D73}" = IBM Data Server Runtime Client - DB2COPY1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D62ABA3-35EC-623E-2C5F-1B3332CB705B}" = Media Go Video Playback Engine 1.64.106.02280
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89C096A7-9A21-4402-9CD5-A09DA89551F0}" = PHP 5.2.11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A866CFA-66B9-46D1-93DA-DDCA802C635B}" = CC3
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{94B889E5-44A1-4DD5-BA54-51AC13AF704C}" = Zend Server
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99D7DE4C-2775-4B16-B155-7F09AE939E8E}" = Microsoft Works
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A73D4BEE-2BBE-4285-BF6C-4B8C7C002100}" = Zend Studio 8.0.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}" = ZTE Drivers
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{BE4F388F-E7B6-43E8-8856-6B74AC375A87}" = Media Go
"{C54C7C1F-4015-4217-8F16-8CF993C59793}" = MySQL Server 5.1
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD44D196-C200-4960-AE80-E9FACD2D9019}" = Kindle Collection Manager
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FCC662D1-01A8-4034-B67D-2AD91F723154}" = Acer Arcade Instant On
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Apache Directory Studio" = Apache Directory Studio - (remove only)
"AviSynth" = AviSynth 2.5
"Bloodline of the Fallen - Anna's Sacrifice1.0.1.0" = Bloodline of the Fallen - Anna's Sacrifice
"CC3" = CC3
"CC3 Update 9" = CC3 Update 9
"CCleaner" = CCleaner
"Clonk Endeavour" = Clonk Endeavour 4.95.5
"Columbus Ghost of the Mystery Stone1.0" = Columbus Ghost of the Mystery Stone
"Combined Community Codec Pack BETA_is1" = Combined Community Codec Pack BETA 2009-09-19
"Comical_is1" = Comical 0.8
"DjVuLibre+DjView" = DjVuLibre+DjView
"Drupal 6.16-1" = drupal 6.16
"Edraw UML Diagram_is1" = Edraw UML Diagram 5.1
"FastCAD" = FastCAD
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FileZilla Client" = FileZilla Client 3.4.0
"Free Ape Player_is1" = Free Ape Player 1.5.1
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"GridVista" = Acer GridVista
"GSAK_is1" = GSAK 7.6.2.45 (Final)
"ID3-TagIT 3_is1" = ID3-TagIT 3
"Identity Card" = Identity Card
"Impulse" = Impulse
"InstallationWizard2" = Vivotek Installation Wizard 2
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{2B095022-00FF-45D5-8717-3A20DFCB8C6B}" = RIFT
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{94B889E5-44A1-4DD5-BA54-51AC13AF704C}" = Zend Server
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"InstallShield_{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"Intelli-studio" = SAMSUNG Intelli-studio
"IrfanView" = IrfanView (remove only)
"Jukebox Jockey Media Player Pro 1_is1" = Jukebox Jockey Media Player Pro 1 1.2.2011.4.21
"JXplorer 3.2.1" = JXplorer
"LManager" = Launch Manager
"Loki Browser Plugin" = Loki Browser Plugin
"Maemo Flasher 3.5_is1" = Maemo Flasher 3.5
"mediaWiki 1.15.3-1" = mediaWiki 1.15.3
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"Mozilla Thunderbird 9.0.1 (x86 cs)" = Mozilla Thunderbird 9.0.1 (x86 cs)
"Mp3tag" = Mp3tag v2.45a
"NSIS_oald8" = Oxford Advanced Learner's Dictionary - 8th Edition
"OnLive" = OnLive
"Opera 11.61.1250" = Opera 11.61
"Perpetuum" = Perpetuum
"Pidgin" = Pidgin
"PSPad editor_is1" = PSPad editor
"PSPVC" = PSPVC :: PSP Video Converter v3.75
"psqlODBC 08.04.0200-1" = psqlODBC 08.04.0200
"QUICKfind" = QUICKfind server v1.1
"RapidShare Manager" = RapidShare Manager
"RealPlayer 15.0" = RealPlayer
"SMPlayer" = SMPlayer 0.6.9
"ST7501" = VIVOTEK ST7501
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"The Mystery of Scoggins" = Puzzle Agent - The Mystery of Scoggins
"T-Mobile Communication Centre" = Web'n'walk Manager
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VMware_Player" = VMware Player
"Winamp" = Winamp
"WinArchiver" = WinArchiver
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"winscp3_is1" = WinSCP 4.3.4
"Wireshark" = Wireshark 1.4.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2698489316-4078319972-4006630733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"ireasoning" = iReasoning MIB Browser (remove only)
"SOE-Magic The Gathering Tactics" = Magic The Gathering Tactics

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.1.2012 9:21:55 | Computer Name = leguan | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mpc-hc.exe, verze: 1.3.1281.0, časové razítko:
0x4ab421f0 Název chybujícího modulu: mpc-hc.exe, verze: 1.3.1281.0, časové razítko:
0x4ab421f0 Kód výjimky: 0xc0000005 Posun chyby: 0x0001f273 ID chybujícího procesu:
0x1e44 Čas spuštění chybující aplikace: 0x01ccd10537066f96 Cesta k chybující aplikaci:
C:\Program Files (x86)\Combined Community Codec Pack\MPC\mpc-hc.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Combined Community Codec Pack\MPC\mpc-hc.exe ID zprávy:
64f5c9aa-3d20-11e1-82e4-961948358920

Error - 12.1.2012 12:10:51 | Computer Name = leguan | Source = Application Hang | ID = 1002
Description = Program mpc-hc.exe verze 1.3.1281.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
39b8 Čas spuštění: 01ccd140ff923d5c Čas ukončení: 79 Cesta k aplikaci: C:\Program
Files (x86)\Combined Community Codec Pack\MPC\mpc-hc.exe ID hlášení: fb3c58af-3d37-11e1-82e4-961948358920


Error - 12.1.2012 13:40:11 | Computer Name = leguan | Source = System Restore | ID = 8193
Description =

Error - 12.1.2012 13:40:11 | Computer Name = leguan | Source = System Restore | ID = 8211
Description =

Error - 13.1.2012 9:07:29 | Computer Name = leguan | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.171.1
for ServerName .

Error - 15.1.2012 10:14:41 | Computer Name = LEGUAN | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 10.0.0.4
for ServerName .

Error - 15.1.2012 13:35:35 | Computer Name = leguan | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 10.0.0.4
for ServerName .

Error - 15.1.2012 22:46:04 | Computer Name = leguan | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\program files (x86)\Samsung\Kies\External\firmwareupdate\AgentInstaller.exe
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\Samsung\Kies\External\firmwareupdate\AgentInstaller.exe.Config
na řádku 0. Neplatná syntaxe XML.

Error - 15.1.2012 22:46:04 | Computer Name = leguan | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\program files (x86)\Samsung\Kies\External\firmwareupdate\AgentUpdate.exe
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\Samsung\Kies\External\firmwareupdate\AgentUpdate.exe.Config
na řádku 0. Neplatná syntaxe XML.

Error - 16.1.2012 13:01:22 | Computer Name = leguan | Source = RasClient | ID = 20227
Description =

[ Media Center Events ]
Error - 2.2.2010 16:48:28 | Computer Name = leguan | Source = ehRecvr | ID = 3
Description = Televizní karta zjistila chybu. (0xc0040524) LITEON BDA Digital Tuner
(Dev1 Path0)

Error - 2.2.2010 16:48:28 | Computer Name = leguan | Source = ehRecvr | ID = 3
Description = Televizní karta zjistila chybu. (0x80070001) LITEON BDA Digital Tuner
(Dev1 Path0)

Error - 2.3.2010 18:38:33 | Computer Name = leguan | Source = MCUpdate | ID = 0
Description = 23:38:32 - Chyba při připojování k Internetu 23:38:32 - Nelze kontaktovat
server..

Error - 2.3.2010 18:38:48 | Computer Name = leguan | Source = MCUpdate | ID = 0
Description = 23:38:38 - Chyba při připojování k Internetu 23:38:38 - Nelze kontaktovat
server..

Error - 26.3.2010 16:29:16 | Computer Name = leguan | Source = MCUpdate | ID = 0
Description = 21:29:16 - Chyba při připojování k Internetu 21:29:16 - Nelze kontaktovat
server..

Error - 26.3.2010 16:29:37 | Computer Name = leguan | Source = MCUpdate | ID = 0
Description = 21:29:21 - Chyba při připojování k Internetu 21:29:21 - Nelze kontaktovat
server..

Error - 20.4.2010 5:22:56 | Computer Name = leguan | Source = ehRecvr | ID = 3
Description = Televizní karta zjistila chybu. (0xc0040524) LITEON BDA Digital Tuner
(Dev1 Path0)

Error - 10.11.2010 4:38:23 | Computer Name = leguan | Source = MCUpdate | ID = 0
Description = 9:37:45 - Chyba při připojování k Internetu 9:37:47 - Nelze kontaktovat
server..

Error - 11.11.2010 5:38:51 | Computer Name = leguan | Source = MCUpdate | ID = 0
Description = 10:38:50 - Chyba při připojování k Internetu 10:38:51 - Nelze kontaktovat
server..

Error - 11.11.2010 5:39:07 | Computer Name = leguan | Source = MCUpdate | ID = 0
Description = 10:38:56 - Chyba při připojování k Internetu 10:38:56 - Nelze kontaktovat
server..

[ System Events ]
Error - 25.1.2012 16:49:47 | Computer Name = leguan | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.

Error - 25.1.2012 16:50:10 | Computer Name = leguan | Source = Service Control Manager | ID = 7000
Description = Služba Apache2.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 25.1.2012 16:50:10 | Computer Name = leguan | Source = Service Control Manager | ID = 7024
Description = Služba Apache2.2-Zend ukončena s chybou %%1, specifickou pro službu.

Error - 25.1.2012 16:50:11 | Computer Name = leguan | Source = Service Control Manager | ID = 7000
Description = Služba MySQL neuspěla při spuštění v důsledku následující chyby: %%2

Error - 25.1.2012 16:50:12 | Computer Name = leguan | Source = Service Control Manager | ID = 7000
Description = Služba postgresql-8.4 - PostgreSQL Server 8.4 neuspěla při spuštění
v důsledku následující chyby: %%2

Error - 25.1.2012 16:50:12 | Computer Name = leguan | Source = Service Control Manager | ID = 7001
Description = Služba ST7501 Uranus Watch Dog závisí na službě postgresql-8.4 - PostgreSQL
Server 8.4, která neuspěla při spuštění v důsledku následující chyby: %%2

Error - 25.1.2012 16:50:27 | Computer Name = leguan | Source = Service Control Manager | ID = 7034
Description = Služba MySQL_ZendServer51 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 26.1.2012 1:04:58 | Computer Name = leguan | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 26.1.2012 2:13:31 | Computer Name = leguan | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 27.1.2012 7:09:27 | Computer Name = leguan | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).


< End of report >

Re: Prosim o preventivku NB

Napsal: 28 led 2012 11:51
od Mc_Murphy
:!: Edituj oba příspěvky a odstraň je z Code - špatně se to luští a bolí z toho oči. Code je určen pouze nám rádcům pro tvorbu opravných scriptů, které není potřeba číst ani luštit.

Re: Prosim o preventivku NB

Napsal: 28 led 2012 13:00
od stoupa101
Opraveno

Re: Prosim o preventivku NB

Napsal: 28 led 2012 13:31
od Mc_Murphy
:???: Proč máš MBAM v běžících procesech? :?: Psal jsem Ti, ať jej odinstaluješ. Nepíšu ty návody pro srandu králíkům. :roll:

:arrow: Vyčisti si Plochu. Její adresář by měl mít maximálně tak 300 MB, jinak se bude systém dost brzdit.


:arrow: Znovu spusť OTL.
  • Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
  • Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
  • Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:Services
AdobeARMservice
gupdate
gupdatem
McComponentHostService

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4842y265
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: yslow@yahoo-inc.com:2.1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3c9761ad-a43d-4447-b924-f5d83cb48063}: C:\App\Zend\Zend Studio - 8.0.0\toolbars\firefox [2010.12.16 14:07:43 | 000,000,000 | ---D | M]
[2012.01.23 12:38:53 | 000,000,950 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin-1.xml
[2010.12.09 11:35:33 | 000,000,950 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin-2.xml
[2010.12.28 12:17:41 | 000,000,950 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin-3.xml
[2010.08.20 12:39:18 | 000,001,056 | ---- | M] () -- C:\Users\stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\xk82r5ph.default\searchplugins\icqplugin.xml
() (No name found) -- C:\USERS\STOUPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XK82R5PH.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O37 - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-2698489316-4078319972-4006630733-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c40714d5b04af66acd1cc52cc6d573d2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c40714d5b04af66acd1cc52cc6d573d2\*.tmp -> ]
[6056 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\pssg\props\plains_manaDeviceCracked.PSSG.gz:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\particles\cha_fidget_colossus_crack.tga:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\particles\eff_animals_crackedearth.tga:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\gfx\preloaderBG.dds:crc
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\Magic The Gathering Tactics\export_win32\resources\gfx\campaignPreloader.gfx:crc
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1D32EC29

:Files
C:\ProgramData\Spybot - Search & Destroy
C:\Users\All Users\Spybot - Search & Destroy
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2698489316-4078319972-4006630733-1000UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
  • Klikni na tlačítko [Opravit].
  • Po dokončení skenu se objeví log, ten mi sem vlož.
  • Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz