
Whole system freezing

Posted: 22 Mar 2012 20:22
by fazolex
Hello, about a month ago my whole system started freezing heavily. It runs fine for a while, but after a few minutes everything stops responding. Task Manager shows a constant CPU load of about 90%, of which svchost.exe accounts for about 75%. So I would like to ask for the log to be checked and for any advice. Thank you.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Kuba at 2012-03-22 20:07:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 70 GB (15%) free of 462 GB
Total RAM: 4061 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:27, on 22.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\trend micro\Kuba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Kuba\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {A29B2641-9931-448A-8DE7-B2D63BDC1812} - (no file)
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Unibet - {5D7B78C3-0AA6-4FEF-9721-247605591CFE} - C:\Microgaming\Poker\unibetpokerMPP\MPPoker.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kn.vutbr.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = kn.vutbr.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = kn.vutbr.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USB Redirector Service (usbredirectorsrv) - Unknown owner - C:\Windows\system32\usbredirectorsrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9439 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 30743376
\??\C:\Windows\system32\conhost.exe "959567146-186269746764800905213070703441973444164-3995800376407810121264630387
atieclxx
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\usbredirectorsrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\CNAB4RPD.EXE
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\rundll32.exe "C:\Users\Kuba\AppData\Local\Google\Chrome\APPLIC~1\160912~1.63\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Kuba\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll" --lang=cs --channel=5748.08C49700.771352222 --flash-broker=5508 /prefetch:4
"C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmniboxHeuristic/ConservativeAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=5748.07AEF780.347767826 /prefetch:3
"C:\Users\Kuba\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmniboxHeuristic/ConservativeAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=5748.04B6FC00.660889730 /prefetch:3
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Kuba\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Kuba\AppData\Roaming\Complitly\64\Complitly64.dll [2011-10-27 167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-02 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Kuba\AppData\Roaming\Complitly\Complitly.dll [2011-10-27 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-25 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-25 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{A29B2641-9931-448A-8DE7-B2D63BDC1812}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-26 1812776]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-06-29 444416]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-02 171520]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [2009-07-17 4968960]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-08 4030008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [2008-09-26 210208]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-03-05 1242448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-06-26 98304]
"PDVDDXSrv"=C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-06-25 140520]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744]
"Desktop Disc Tool"=C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-06-19 494064]
"NeroFilterCheck"=C:\Windows\SysWOW64\NeroCheck.exe [2001-07-09 155648]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 290304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-03-22 20:07:23 ----DC---- C:\Program Files\trend micro
2012-03-22 20:07:23 ----D---- C:\rsit
2012-03-19 21:28:42 ----DC---- C:\Program Files (x86)\ICQ7.7
2012-03-16 15:18:03 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-03-16 15:14:57 ----SHD---- C:\$RECYCLE.BIN
2012-03-16 14:51:59 ----A---- C:\ComboFix.txt
2012-03-16 14:38:17 ----D---- C:\Windows\temp
2012-03-16 13:40:09 ----DC---- C:\Program Files\CCleaner
2012-03-16 13:09:59 ----DC---- C:\Program Files (x86)\QS
2012-03-14 17:50:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 17:50:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 17:50:51 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-14 14:23:08 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 14:23:06 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 14:23:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-14 14:22:40 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 14:22:40 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 14:22:40 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-14 14:22:38 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 14:22:37 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-14 14:22:37 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 14:22:37 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-13 17:03:27 ----A---- C:\Windows\zip.exe
2012-03-13 17:03:27 ----A---- C:\Windows\SWSC.exe
2012-03-13 17:03:27 ----A---- C:\Windows\SWREG.exe
2012-03-13 17:03:27 ----A---- C:\Windows\sed.exe
2012-03-13 17:03:27 ----A---- C:\Windows\PEV.exe
2012-03-13 17:03:27 ----A---- C:\Windows\NIRCMD.exe
2012-03-13 17:03:27 ----A---- C:\Windows\MBR.exe
2012-03-13 17:03:27 ----A---- C:\Windows\grep.exe
2012-03-13 17:03:19 ----D---- C:\Windows\ERDNT
2012-03-13 17:02:40 ----D---- C:\Qoobox
2012-03-05 13:36:30 ----DC---- C:\Program Files (x86)\Steam
2012-02-25 10:40:12 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-02-25 10:40:12 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-02-25 10:40:12 ----A---- C:\Windows\SYSWOW64\java.exe
2012-02-25 10:40:03 ----DC---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2012-03-22 20:07:23 ----RDC---- C:\Program Files
2012-03-22 20:01:58 ----RDC---- C:\Program Files (x86)
2012-03-22 19:53:05 ----D---- C:\Windows\system32\config
2012-03-22 00:33:00 ----D---- C:\Users\Kuba\AppData\Roaming\ICQ
2012-03-20 20:53:57 ----SHD---- C:\System Volume Information
2012-03-19 21:29:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-03-19 21:25:36 ----D---- C:\Windows\system32\Tasks
2012-03-19 20:51:31 ----D---- C:\Windows\inf
2012-03-17 14:25:11 ----D---- C:\Windows\System32
2012-03-17 14:25:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-17 13:34:13 ----D---- C:\Windows\system32\LogFiles
2012-03-16 15:19:52 ----D---- C:\Windows\system32\drivers\etc
2012-03-16 15:17:57 ----D---- C:\Windows
2012-03-16 15:11:02 ----SHD---- C:\Windows\Installer
2012-03-16 14:46:57 ----RSD---- C:\Windows\assembly
2012-03-16 14:46:57 ----D---- C:\Windows\Microsoft.NET
2012-03-16 14:38:46 ----A---- C:\Windows\system.ini
2012-03-16 14:29:38 ----D---- C:\Windows\SYSWOW64\drivers
2012-03-16 14:29:38 ----D---- C:\Windows\SysWOW64
2012-03-16 14:29:38 ----D---- C:\Windows\system32\drivers
2012-03-16 14:29:38 ----D---- C:\Windows\AppPatch
2012-03-16 14:29:36 ----DC---- C:\Program Files\Common Files
2012-03-16 14:29:36 ----D---- C:\Program Files (x86)\Common Files
2012-03-16 14:20:12 ----D---- C:\Windows\Prefetch
2012-03-16 13:42:55 ----D---- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
2012-03-16 13:42:37 ----D---- C:\Users\Kuba\AppData\Roaming\uTorrent
2012-03-16 13:42:37 ----D---- C:\Users\Kuba\AppData\Roaming\Skype
2012-03-16 13:42:16 ----D---- C:\Windows\SYSWOW64\LogFiles
2012-03-16 13:42:07 ----D---- C:\Windows\Panther
2012-03-16 13:42:07 ----D---- C:\Windows\ModemLogs
2012-03-16 13:42:03 ----D---- C:\Windows\Minidump
2012-03-16 13:42:03 ----D---- C:\Windows\Logs
2012-03-16 13:42:03 ----D---- C:\Windows\debug
2012-03-16 13:23:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-03-15 17:31:28 ----SD---- C:\Users\Kuba\AppData\Roaming\Microsoft
2012-03-14 21:44:04 ----D---- C:\Windows\winsxs
2012-03-14 17:51:00 ----D---- C:\Windows\system32\catroot
2012-03-14 17:50:58 ----D---- C:\Windows\system32\catroot2
2012-03-14 17:48:57 ----A---- C:\Windows\system32\MRT.exe
2012-03-13 17:17:24 ----D---- C:\Windows\Downloaded Program Files
2012-03-13 17:17:24 ----D---- C:\ProgramData
2012-03-05 10:39:43 ----D---- C:\Windows\system32\NDF
2012-03-03 16:50:04 ----D---- C:\Windows\rescache
2012-03-03 14:03:57 ----DC---- C:\LFS
2012-02-25 10:40:03 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-14 834544]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2008-02-12 297496]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 dpnptls;IncentivesPro PnP Driver; \??\C:\Windows\system32\Drivers\dpnptls.sys [2010-02-03 46864]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-04 114192]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-25 6036480]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2009-07-17 22520]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-17 2769400]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-02 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-02 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-02 21160]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-10 82048]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-06-29 487424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-26 272432]
R3 tusbdbus;Incentive Pro Virtual USB Host Controller; C:\Windows\system32\DRIVERS\tusbdbus.sys [2010-02-03 56848]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2008-02-05 79416]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 as3r38ik;as3r38ik; C:\Windows\system32\drivers\as3r38ik.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz132;cpuz132; \??\C:\Users\Jitka\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tusbd;IncentivesPro USB Driver; \??\C:\Windows\system32\Drivers\tusbd.sys [2010-02-03 26768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-08 974944]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [2009-06-29 240128]
R2 usbredirectorsrv;USB Redirector Service; C:\Windows\system32\usbredirectorsrv.exe [2010-02-03 576000]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [2009-07-17 33280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-17 1030600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Whole system freezing

Posted: 23 Mar 2012 11:32
by fazolex
Could someone please, please help me? :)

Re: Whole system freezing

Posted: 24 Mar 2012 07:03
by vyosek
Hello :)

:arrow: When you reply to your own post, it can happen that we overlook you. We primarily look for topics without replies.

:arrow: Please also post the second log from RSIT, named info.txt; it is saved in c:\rsit

Re: Whole system freezing

Posted: 24 Mar 2012 16:50
by fazolex
Here is the log:


info.txt logfile of random's system information tool 1.09 2012-03-22 20:07:30

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x9
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 ActiveX 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_0_1_Plugin.exe -maintain plugin
Adobe Reader 9.5.0 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A95000000001}
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove
AeroFly-->MsiExec.exe /I{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5
AutoCAD Mechanical 2010-->C:\Program Files\Autodesk\ACADM 2010\Setup\Setup.exe /P {5783F2D7-8005-0405-0102-0060B0CE6BBA} /M ACAD /language cs-CZ
AutoCAD Mechanical 2010-->C:\Program Files\Autodesk\ACADM 2010\Setup\Setup.exe /P {5783F2D7-8005-0405-0102-0060B0CE6BBA} /M ACM /language cs-CZ
Autodesk Design Review 2011-->c:\Program Files (x86)\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {8D20B4D7-3422-4099-9332-39F27E617A6F} /M ADR
Autodesk Design Review Firefox Add-on v1.1 -->MsiExec.exe /I{669A37FF-A446-46F9-8AAE-EEC1988A2ADF}
Autodesk Inventor Content Center Libraries 2010 (Desktop Content)-->MsiExec.exe /X{EF90F06A-3B2D-48E3-8C7A-1F2210200476}
Autodesk Inventor Professional 2010 čeština (Czech)-->C:\Program Files\Autodesk\Inventor 2010\Setup\Setup.exe /P {144B2F95-E2C6-4317-94E7-0B9B03F133B7} /M INVENTOR /LANG cs-CZ
Autodesk Inventor Professional 2010-->MsiExec.exe /I{144B2F95-E2C6-4317-94E7-0B9B03F133B7}
Autodesk Inventor Professional 2010-->MsiExec.exe /I{F763AC14-3F26-4161-9567-11D5260AD4FE}
Borland Delphi 6-->MsiExec.exe /I{B7886D87-ADA4-46A0-8A8D-02AB16B9F95A}
BS.Player PRO-->"C:\Program Files (x86)\Webteh\BSplayerPro\uninstall.exe"
Call of Duty(R) 2-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
Canon LBP2900-->C:\Program Files\Canon\PrnUninstall\Canon LBP2900\CNAB4UND.EXE
Catalyst Control Center - Branding-->MsiExec.exe /I{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
CoD 2 čeština 1.1-->"C:\Program Files (x86)\Activision\Call of Duty 2\main\unins000.exe"
Complitly-->"C:\Program Files (x86)\Complitly\unins000.exe"
Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
Dassault Systemes Software B19-->"C:\Program Files (x86)\Dassault Systemes\B19\intel_a\code\bin\Uninstall.exe" "C:\Program Files (x86)\Dassault Systemes\B19" "CODE" "GUI" "B19" "0"
Dassault Systemes Software Prerequisites x86-x64-->MsiExec.exe /X{CF1EB598-B424-436A-B15F-B763846BA970}
Dell Edoc Viewer-->MsiExec.exe /I{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}
Dell Touchpad-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Dell Webcam Central-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x9 /remove
Dell Wireless WLAN Card Utility-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
Document Express DjVu Plug-in-->MsiExec.exe /I{4D8E1ADE-CEA6-4A35-8D73-963F16C40FD3}
DWG TrueView 2010-->C:\Program Files\DWG TrueView 2010\Setup\Setup.exe /P {5783F2D7-8028-0409-0100-0060B0CE6BBA} /M AOEM /language en-US
DWG TrueView 2011-->C:\Program Files\Autodesk\DWG TrueView 2011\Setup\Setup.exe /P {5783F2D7-9028-0409-0100-0060B0CE6BBA} /M AOEM /language en-US
GotClip Downloader-->"C:\Program Files (x86)\GotClip\uninstall.exe"
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
ICQ7.7-->"C:\Program Files (x86)\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 14 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416014FF}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
K-Lite Mega Codec Pack 5.1.0-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Live! Cam Avatar Creator-->C:\Program Files (x86)\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Mafia II-->"C:\Program Files (x86)\2K Games\Mafia II\unins000.exe"
MATLAB R2009b-->C:\Program Files\MATLAB\R2009b\uninstall\uninstall.exe C:\Program Files\MATLAB\R2009b\
Microsoft .NET Framework 4 Client Profile-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft redistributable runtime DLLs VS2005 SP1(x86)-->MsiExec.exe /I{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}
Microsoft Virtual PC 2007 SP1-->MsiExec.exe /X{AD483998-2E9A-4405-83FF-6E503AF49CBB}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML4.0 redistributable-->MsiExec.exe /I{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}
Need for Speed Underground 2-->C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
Nero 7 Demo-->MsiExec.exe /I{53AFF171-481D-64FA-0DA4-1CA0ABF01029}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwux64.dll,WuUninstall
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
PhotoFiltre-->"C:\Program Files (x86)\PhotoFiltre\Uninst.exe"
Pinnacle Studio 14-->MsiExec.exe /I{AADD1C8F-D59F-4D55-A726-768C71A205A8}
Pinnacle Studio Ultimate Collection Plugins-->MsiExec.exe /I{F5C372A1-40F3-49DA-A049-F75CDE9177DC}
PowerDVD DX-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x9 -cluninstall
Quickset64-->MsiExec.exe /I{87CF757E-C1F1-4D22-865C-00C6950B5258}
Rapture3D 2.3.22 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Roxio Burn-->C:\ProgramData\Uninstall\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\setup.exe /x {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}
Roxio Burn-->MsiExec.exe /I{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}
Roxio Update Manager-->MsiExec.exe /I{04F3038E-4120-44CC-B330-E05F737246A5}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Software Bluetooth WIDCOMM-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Soldat 1.4.2-->"C:\Soldat\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Switch Sound File Converter-->C:\Program Files (x86)\NCH Software\Switch\uninst.exe
TmUnitedForever Update 2010-03-15-->"C:\Program Files (x86)\TmUnitedForever\unins000.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
USB Redirector-->C:\Program Files\USB Redirector\uninstall.exe
VDownloader 3.0.733-->"C:\Program Files (x86)\VDownloader\unins000.exe"
Video Convert Master 8.0.8.24-->"C:\Program Files (x86)\Video Convert Master\unins000.exe"
Virtual DJ - Atomix Productions-->C:\PROGRA~2\VIRTUA~1\UNWISE.EXE C:\PROGRA~2\VIRTUA~1\INSTALL.LOG
VLC media player 1.1.4-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WavePad Sound Editor-->C:\Program Files (x86)\NCH Software\WavePad\uninst.exe
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe"
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
Word Manager-->C:\Program Files (x86)\Vitware\Word Manager\uninstall.exe
ZAV 4.48 (32bit)-->"C:\Program Files (x86)\ZAV1\unins000.exe"
Zoner Photo Studio 10-->"C:\Program Files (x86)\Zoner\Photo Studio 10\unins000.exe" /SILENT

======System event log======

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1014
Message: Překlad názvu kn.vutbr.cz nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 260884
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20111213095137.046618-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1014
Message: Překlad názvu kn.vutbr.cz nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 260883
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20111213095137.020616-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1014
Message: Překlad názvu kn.vutbr.cz nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 260882
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20111213095102.062617-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1014
Message: Překlad názvu kn.vutbr.cz nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 260881
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20111213095102.036615-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1014
Message: Překlad názvu kn.vutbr.cz nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 260880
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20111213095049.590903-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1001
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně odstraněny. Data záznamu obsahují nové hodnoty položek Last Counter a Last Help systémového registru.
Record Number: 7996
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100929164003.208482-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1001
Message: Chybný blok 1257635042, typ 5
Název události: MSHTMLLAYOUTHARDASSERT
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: iexplore.exe
P2: 8.00.7600.16385 (win7_rtm.090713-1255)
P3: mshtml.dll
P4: 8.00.7600.16385 (win7_rtm.090713-1255)
P5: 0x002B72BB
P6:
P7:
P8:
P9:
P10:

Připojené soubory:

Tyto soubory mohou být k dispozici zde:
C:\Users\Kuba\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_iexplore.exe_bc2bc41786dac936558a2bc94899685a5832ed_0c2336e8

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 26d7af5c-cbe6-11df-b1c2-0026b912467b
Stav hlášení: 0
Record Number: 7995
Source Name: Windows Error Reporting
Time Written: 20100929162540.000000-000
Event Type: Informace
User:

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1001
Message: Chybný blok , typ 0
Název události: BlueScreen
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Minidump\042610-30373-01.dmp
C:\Users\Kuba\AppData\Local\Temp\WER-82399-0.sysdata.xml
C:\Users\Kuba\AppData\Local\Temp\WER227E.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_0b2a228d

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 042610-30373-01
Stav hlášení: 0
Record Number: 7994
Source Name: Windows Error Reporting
Time Written: 20100929161955.000000-000
Event Type: Informace
User:

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1001
Message: Chybný blok , typ 0
Název události: BlueScreen
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Minidump\042610-37565-01.dmp
C:\Users\Kuba\AppData\Local\Temp\WER-82399-0.sysdata.xml
C:\Users\Kuba\AppData\Local\Temp\WER21F1.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Kernel_0_0_cab_0b2a21f1

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 042610-37565-01
Stav hlášení: 0
Record Number: 7993
Source Name: Windows Error Reporting
Time Written: 20100929161955.000000-000
Event Type: Informace
User:

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 4107
Message: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.
Record Number: 7992
Source Name: Microsoft-Windows-CAPI2
Time Written: 20100929161420.541246-000
Event Type: Chyba
User:

=====Security event log=====

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0xc642
Record Number: 59021
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111010065817.937634-000
Event Type: Úspěšný audit
User:

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 59020
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111010065817.890834-000
Event Type: Úspěšný audit
User:

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 59019
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111010065817.890834-000
Event Type: Úspěšný audit
User:

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 1100
Message: Služba protokolování událostí byla ukončena.
Record Number: 59018
Source Name: Microsoft-Windows-Eventlog
Time Written: 20111009202551.974546-000
Event Type: Úspěšný audit
User:

Computer Name: a03-0730a.kn.vutbr.cz
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 59017
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111009202547.590938-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Dell\Dell Wireless WLAN Card;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\WIDCOMM\Bluetooth Software;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Pinnacle\Shared Files;C:\Program Files\MATLAB\R2009b\runtime\win64;C:\Program Files\MATLAB\R2009b\bin;C:\PROGRA~2\Borland\Delphi6\Bin;C:\PROGRA~2\Borland\Delphi6\Projects\Bpl
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"OMP_NUM_THREADS"=2
"RGSCLauncher"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

Re: Whole system freezing

Posted: 25 Mar 2012 09:24
by vyosek
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Immediately after launch, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 minutes, but if the PC is heavily infested, it may take longer
  • After the scan finishes and a possible restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Whole system freezing

Posted: 28 Mar 2012 16:27
by fazolex
ComboFix 12-03-28.02 - Kuba 28.03.2012 16:11:39.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2769 [GMT 2:00]
Spuštěný z: c:\users\Kuba\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-28 13:39 . 2012-03-28 13:39 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3162057E-455E-498E-8EE7-76B878C19347}\offreg.dll
2012-03-27 17:23 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3162057E-455E-498E-8EE7-76B878C19347}\mpengine.dll
2012-03-22 19:07 . 2012-03-22 19:07 -------- d-----w- C:\rsit
2012-03-22 19:07 . 2012-03-22 19:07 -------- dc----w- c:\program files\trend micro
2012-03-19 20:28 . 2012-03-19 20:32 -------- dc----w- c:\program files (x86)\ICQ7.7
2012-03-19 20:25 . 2012-03-28 12:40 -------- d-----w- c:\users\Kuba\AppData\Local\ElevatedDiagnostics
2012-03-16 12:40 . 2012-03-16 12:40 -------- dc----w- c:\program files\CCleaner
2012-03-16 12:09 . 2012-03-16 12:09 -------- dc----w- c:\program files (x86)\QS
2012-03-14 16:50 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 16:50 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 16:50 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 13:23 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 13:23 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 13:23 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 13:22 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 13:22 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:22 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:22 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 13:22 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 13:22 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 13:22 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-05 12:36 . 2012-03-05 12:36 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-03-05 12:36 . 2012-03-28 13:56 -------- dc----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 09:40 . 2010-05-24 18:54 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-23 08:18 . 2010-01-28 20:10 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-21 14:43 . 2011-09-19 08:34 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-14 09:40 . 2012-02-14 09:40 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-01-15 07:48 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-15 07:48 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-04 10:44 . 2012-02-16 12:34 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-16 12:34 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-16 12:30 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-16 12:30 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2010-01-26 09:11 . 2010-12-19 19:33 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2012-03-16_13.38.45 )))))))))))))))))))))))))))))))))))))))))
.
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-03-05 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]
"NeroFilterCheck"="c:\windows\SysWOW64\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
Canon LBP2900 Status Window.lnk - c:\windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE [2010-12-22 60384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-17 1030600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tusbd;IncentivesPro USB Driver;c:\windows\system32\Drivers\tusbd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 dpnptls;IncentivesPro PnP Driver;c:\windows\system32\Drivers\dpnptls.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-08 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 usbredirectorsrv;USB Redirector Service;c:\windows\system32\usbredirectorsrv.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 tusbdbus;Incentive Pro Virtual USB Host Controller;c:\windows\system32\DRIVERS\tusbdbus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-02 171520]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-08 4030008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 147.229.191.143 147.229.190.143
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{A29B2641-9931-448A-8DE7-B2D63BDC1812} - (no file)
WebBrowser-{A29B2641-9931-448A-8DE7-B2D63BDC1812} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1597830692-3420299529-3317110022-1007\Software\SecuROM\License information*]
"datasecu"=hex:c5,4d,d7,0a,a1,e3,0c,c7,d7,da,4b,19,50,cc,36,63,43,bf,fb,60,86,
8b,16,59,4f,64,f6,b2,67,19,9f,f1,fd,ab,67,0f,36,4e,5d,53,69,b1,c0,d6,d8,47,\
"rkeysecu"=hex:a2,43,72,20,11,40,de,f6,85,3f,0e,16,53,92,22,f5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-03-28 16:26:32
ComboFix-quarantined-files.txt 2012-03-28 14:26
ComboFix2.txt 2012-03-16 13:51
ComboFix3.txt 2012-03-13 17:01
ComboFix4.txt 2012-03-13 16:27
.
Před spuštěním: Volných bajtů: 68 820 013 056
Po spuštění: Volných bajtů: 68 913 131 520
.
- - End Of File - - DB3E9E8A749B27ECF089E82B3862AE47

Re: whole system freezing up

Posted: 29 Mar 2012 17:14
by vyosek
:arrow: If it is not there already, move Combofix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Steam"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "SunJavaUpdateSched"=-
    
    RegLock::
    [HKEY_USERS\S-1-5-21-1597830692-3420299529-3317110022-1007\Software\SecuROM\License information*]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Save the created TXT file as CFScript.txt
  • Drag the created CFScript.txt onto Combofix and drop it (see the picture below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: whole system freezing up

Posted: 29 Mar 2012 20:35
by fazolex
Thank you very much for the instructions and the quick response :) :worship:


ComboFix 12-03-28.02 - Kuba 29.03.2012 21:06:03.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2827 [GMT 2:00]
Spuštěný z: c:\users\Kuba\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kuba\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-29 )))))))))))))))))))))))))))))))
.
.
2012-03-29 19:16 . 2012-03-29 19:16 -------- d-----w- c:\users\zdislav\AppData\Local\temp
2012-03-29 19:16 . 2012-03-29 19:16 -------- d-----w- c:\users\user\AppData\Local\temp
2012-03-29 19:16 . 2012-03-29 19:16 -------- d-----w- c:\users\Jitka\AppData\Local\temp
2012-03-29 19:16 . 2012-03-29 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-27 17:23 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3162057E-455E-498E-8EE7-76B878C19347}\mpengine.dll
2012-03-22 19:07 . 2012-03-22 19:07 -------- d-----w- C:\rsit
2012-03-22 19:07 . 2012-03-22 19:07 -------- dc----w- c:\program files\trend micro
2012-03-19 20:28 . 2012-03-19 20:32 -------- dc----w- c:\program files (x86)\ICQ7.7
2012-03-16 12:40 . 2012-03-16 12:40 -------- dc----w- c:\program files\CCleaner
2012-03-16 12:09 . 2012-03-16 12:09 -------- dc----w- c:\program files (x86)\QS
2012-03-14 16:50 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 16:50 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 16:50 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 13:23 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 13:23 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 13:23 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 13:22 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 13:22 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:22 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:22 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 13:22 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 13:22 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 13:22 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-05 12:36 . 2012-03-05 12:36 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-03-05 12:36 . 2012-03-29 15:46 -------- dc----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 09:40 . 2010-05-24 18:54 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-23 08:18 . 2010-01-28 20:10 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-21 14:43 . 2011-09-19 08:34 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-14 09:40 . 2012-02-14 09:40 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-01-15 07:48 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-15 07:48 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-04 10:44 . 2012-02-16 12:34 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-16 12:34 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2010-01-26 09:11 . 2010-12-19 19:33 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2012-03-28_14.23.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-02 13:37 . 2012-03-29 19:20 56128 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-03-28 13:20 45624 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-29 19:20 45624 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-02-13 22:44 . 2012-03-29 19:20 21530 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1597830692-3420299529-3317110022-1007_UserData.bin
+ 2010-01-07 14:05 . 2012-03-28 14:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-07 14:05 . 2012-03-19 20:29 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-07 14:05 . 2012-03-28 14:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-07 14:05 . 2012-03-19 20:29 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-19 20:29 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 14:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-07 16:23 . 2012-03-28 13:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-07 16:23 . 2012-03-29 14:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-07 16:23 . 2012-03-28 13:20 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-07 16:23 . 2012-03-29 14:57 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-07 16:23 . 2012-03-29 14:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-07 16:23 . 2012-03-28 13:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-07 14:10 . 2012-03-28 14:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-07 14:10 . 2012-03-29 19:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-07 14:10 . 2012-03-28 14:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-07 14:10 . 2012-03-29 19:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-02 13:32 . 2012-03-29 19:17 14317 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-03-29 19:18 . 2012-03-29 19:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-28 13:18 . 2012-03-28 13:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-28 13:18 . 2012-03-28 13:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-29 19:18 . 2012-03-29 19:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-07 14:16 . 2012-03-28 15:25 620576 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-03-29 14:59 653060 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-28 13:23 653060 c:\windows\system32\perfh009.dat
- 2009-07-14 15:18 . 2012-03-28 13:23 668358 c:\windows\system32\perfh005.dat
+ 2009-07-14 15:18 . 2012-03-29 14:59 668358 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-03-29 14:59 121992 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-03-28 13:23 121992 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2012-03-28 13:23 141062 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2012-03-29 14:59 141062 c:\windows\system32\perfc005.dat
- 2012-03-16 14:18 . 2012-03-16 14:18 599072 c:\windows\system32\FNTCACHE.DAT
+ 2012-03-29 19:17 . 2012-03-29 19:18 599072 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:01 . 2012-03-29 19:17 489112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-28 13:17 489112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-04-21 11:41 . 2012-03-29 19:17 2942094 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1597830692-3420299529-3317110022-1007-12288.dat
- 2011-04-21 11:41 . 2012-03-28 13:17 2942094 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1597830692-3420299529-3317110022-1007-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
Canon LBP2900 Status Window.lnk - c:\windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE [2010-12-22 60384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-17 1030600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tusbd;IncentivesPro USB Driver;c:\windows\system32\Drivers\tusbd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 dpnptls;IncentivesPro PnP Driver;c:\windows\system32\Drivers\dpnptls.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-08 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 usbredirectorsrv;USB Redirector Service;c:\windows\system32\usbredirectorsrv.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 tusbdbus;Incentive Pro Virtual USB Host Controller;c:\windows\system32\DRIVERS\tusbdbus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-02 171520]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-08 4030008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 147.229.191.143 147.229.190.143
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{A29B2641-9931-448A-8DE7-B2D63BDC1812} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1597830692-3420299529-3317110022-1007\Software\SecuROM\License information*]
"datasecu"=hex:c5,4d,d7,0a,a1,e3,0c,c7,d7,da,4b,19,50,cc,36,63,43,bf,fb,60,86,
8b,16,59,4f,64,f6,b2,67,19,9f,f1,fd,ab,67,0f,36,4e,5d,53,69,b1,c0,d6,d8,47,\
"rkeysecu"=hex:a2,43,72,20,11,40,de,f6,85,3f,0e,16,53,92,22,f5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Celkový čas: 2012-03-29 21:30:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-29 19:30
ComboFix2.txt 2012-03-28 14:26
ComboFix3.txt 2012-03-16 13:51
ComboFix4.txt 2012-03-13 17:01
ComboFix5.txt 2012-03-29 19:03
.
Před spuštěním: Volných bajtů: 71 290 523 648
Po spuštění: Volných bajtů: 71 615 074 304
.
- - End Of File - - F05B733CF37C993588F6154BB93C57E0

Re: whole system freezing up

Posted: 30 Mar 2012 13:32
by vyosek
You're welcome. How is our patient behaving? :???:

Re: whole system freezing up

Posted: 01 Apr 2012 13:44
by fazolex
The patient is still misbehaving: some time after power-on, the svchost.exe process jumps back to the top and loads the CPU. Are there any other options?

Re: whole system freezing up

Posted: 02 Apr 2012 07:52
by vyosek
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator
  • If you use a 64-bit OS, check whether the "For 64-bit OS" box is ticked; if not, tick it
  • Tick the "For all users" box
  • Tick the box for the "LOP" malware check
  • Tick the box for the "Purity" malware check
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here

Re: whole system freezing up

Posted: 02 Apr 2012 11:14
by fazolex
OTL logfile created on: 2.4.2012 11:32:12 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Kuba\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 70,01% Memory free
7,93 Gb Paging File | 6,52 Gb Available in Paging File | 82,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,07 Gb Total Space | 66,07 Gb Free Space | 14,65% Space Free | Partition Type: NTFS

Computer Name: A03-0730A | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.04.02 11:27:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
PRC - [2011.09.08 07:34:42 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009.07.02 02:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.06.25 04:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.06.25 00:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009.06.19 05:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2008.09.26 17:19:04 | 000,210,208 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2009.06.19 05:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.08 07:34:42 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.03.17 16:12:00 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.02.03 15:05:22 | 000,576,000 | ---- | M] (Incentives Pro) [Auto | Running] -- C:\Windows\SysNative\usbredirectorsrv.exe -- (usbredirectorsrv)
SRV:64bit: - [2009.07.17 03:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.02 02:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.06.29 06:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.06.25 12:48:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.03.16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.29 06:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.08.09 13:57:12 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011.08.04 09:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.04.14 16:36:18 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.10 16:32:17 | 000,082,048 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010.02.03 15:05:22 | 000,056,848 | ---- | M] (Incentives Pro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tusbdbus.sys -- (tusbdbus)
DRV:64bit: - [2010.02.03 15:05:22 | 000,046,864 | ---- | M] (Incentives Pro) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\dpnptls.sys -- (dpnptls)
DRV:64bit: - [2010.02.03 15:05:22 | 000,026,768 | ---- | M] (Incentives Pro) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tusbd.sys -- (tusbd)
DRV:64bit: - [2009.07.17 03:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009.07.17 03:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.07.02 16:41:04 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.07.02 16:41:04 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.07.02 16:41:04 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.07.02 16:41:02 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.06.29 06:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.06.26 06:23:30 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.06.25 13:24:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.25 11:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 10:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 10:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.15 21:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.06.10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 23:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2008.02.12 04:59:18 | 000,297,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2008.02.05 02:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV:64bit: - [2008.01.02 13:11:50 | 000,024,848 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\LUMDriver.sys -- (LUMDriver)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@autodesk.com/DWF: c:\Program Files (x86)\Autodesk\Autodesk Design Review Firefox Add-on v1.1\npADRdwf.dll (Autodesk)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2011.09.16 12:50:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.09.16 12:50:10 | 000,000,000 | ---D | M]

[2012.01.20 22:44:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.06 12:01:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Autodesk Design Review Firefox Add-on v1.1 (Enabled) = c:\Program Files (x86)\Autodesk\Autodesk Design Review Firefox Add-on v1.1\npADRdwf.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_1\
CHR - Extension: Gmail = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.29 21:18:33 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Kuba\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Kuba\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - {A29B2641-9931-448A-8DE7-B2D63BDC1812} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe (Acresso Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.191.143 147.229.190.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kn.vutbr.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45545387-24E6-445B-9C85-4325FF447025}: DhcpNameServer = 82.114.192.15 82.114.192.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51A5E0C1-2B79-4F98-93AE-01EADCE9F2B7}: DhcpNameServer = 147.229.191.143 147.229.190.143
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.19 16:40:42 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\SysWow64\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Windows\SysWow64\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.VP60 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\Windows\SysWow64\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.04.02 11:27:03 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2012.03.29 21:31:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.03.29 21:18:45 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.03.28 16:09:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.03.28 16:09:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.03.28 16:09:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.03.28 16:07:55 | 004,448,457 | R--- | C] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe
[2010.04.10 16:32:16 | 000,082,048 | ---- | C] (VSO Software) -- C:\Users\Kuba\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 7 Days ==========

[2012.04.02 11:35:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.02 11:27:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2012.04.02 11:20:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.02 11:20:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.02 11:17:04 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.02 11:17:04 | 000,668,358 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.04.02 11:17:04 | 000,653,060 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.02 11:17:04 | 000,141,062 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.04.02 11:17:04 | 000,121,992 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.02 11:13:00 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012.04.02 11:12:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.02 11:12:31 | 3193,581,568 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.29 21:18:33 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.03.29 21:18:05 | 000,599,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.28 16:08:01 | 004,448,457 | R--- | M] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe
[2012.03.27 16:04:05 | 000,537,681 | ---- | M] () -- C:\Users\Kuba\Desktop\471231_2755804348882_1670921799_1824280_1404778636_o.jpg

========== Files Created - No Company Name ==========

[2012.04.02 11:35:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.29 21:17:50 | 000,599,072 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.28 16:09:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.03.28 16:09:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.03.28 16:09:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.03.28 16:09:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.03.28 16:09:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.03.27 16:04:10 | 000,537,681 | ---- | C] () -- C:\Users\Kuba\Desktop\471231_2755804348882_1670921799_1824280_1404778636_o.jpg
[2011.10.29 19:48:27 | 001,560,580 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.14 18:41:46 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2010.12.19 21:33:08 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2010.05.29 18:29:23 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.04.14 16:52:59 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010.04.14 16:52:59 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2010.04.10 16:32:16 | 000,093,696 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\ezpinst.exe
[2010.04.10 16:32:16 | 000,007,176 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\pcouffin.cat
[2010.04.10 16:32:16 | 000,001,167 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\pcouffin.inf

========== LOP Check ==========

[2010.09.13 19:51:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Astroburn Pro
[2010.11.22 22:16:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Autodesk
[2010.08.07 20:46:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO
[2011.10.29 22:28:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Complitly
[2012.03.16 14:42:55 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2011.08.15 22:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DassaultSystemes
[2010.12.02 00:28:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Driver Smith
[2010.02.14 00:00:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ESET
[2010.09.05 20:46:51 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2012.04.01 22:23:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ICQ
[2012.03.30 12:35:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Microgaming
[2010.04.22 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\proDAD
[2010.04.12 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Publish Providers
[2011.04.08 19:21:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Soldat
[2010.04.12 20:10:20 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sony
[2010.09.23 11:11:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\TeamViewer
[2012.03.16 14:42:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2011.01.06 22:13:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VDownloader
[2010.11.30 16:13:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VitySoft
[2010.04.10 16:33:19 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Vso
[2010.09.12 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Zoner
[2010.03.17 17:32:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Autodesk
[2010.03.17 16:39:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ESET
[2012.02.21 16:39:15 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\04b4e81f21b1ccdb42578b75e069f6b0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\04b4e81f21b1ccdb42578b75e069f6b0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0d1450c9160292dcd400651259990856\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0d1450c9160292dcd400651259990856\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0d9d97f1988625ac4315558d1e5cc127\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0d9d97f1988625ac4315558d1e5cc127\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d2b54cf2fd867a56d5d96bdccd45358d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d2b54cf2fd867a56d5d96bdccd45358d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\dc10ba333d3841bf400c1a49a27e3047\*.tmp files -> C:\Windows\SoftwareDistribution\Download\dc10ba333d3841bf400c1a49a27e3047\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.17 22:28:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Adobe
[2010.03.30 15:11:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ahead
[2010.09.13 19:51:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Astroburn Pro
[2010.02.14 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ATI
[2010.11.22 22:16:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Autodesk
[2010.08.07 20:46:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO
[2011.10.29 22:28:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Complitly
[2010.03.29 12:03:54 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Creative
[2010.03.17 15:04:40 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\CyberLink
[2012.03.16 14:42:55 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2011.08.15 22:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DassaultSystemes
[2012.01.22 19:29:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Digsby
[2010.04.14 16:57:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DivX
[2010.12.02 00:28:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Driver Smith
[2012.01.02 19:28:04 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\dvdcss
[2010.02.14 00:00:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ESET
[2010.09.05 20:46:51 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2012.04.01 22:23:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ICQ
[2010.02.13 23:58:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Identities
[2010.11.21 23:31:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Macromedia
[2011.05.31 21:41:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Macrovision
[2010.11.07 14:47:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MathWorks
[2009.12.02 17:04:03 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Media Center Programs
[2012.03.30 12:35:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Microgaming
[2012.03.15 18:31:28 | 000,000,000 | --SD | M] -- C:\Users\Kuba\AppData\Roaming\Microsoft
[2012.01.20 22:44:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Mozilla
[2012.01.14 15:00:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\NCH Software
[2010.04.22 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\proDAD
[2010.04.12 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Publish Providers
[2010.07.07 21:27:41 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Real
[2010.04.03 17:34:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Reallusion
[2010.02.14 00:00:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Roxio
[2012.02.14 11:47:04 | 000,000,000 | RH-D | M] -- C:\Users\Kuba\AppData\Roaming\SecuROM
[2012.03.29 16:56:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Skype
[2011.10.10 16:09:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\skypePM
[2011.04.08 19:21:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Soldat
[2010.04.12 20:10:20 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sony
[2010.09.23 11:11:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\TeamViewer
[2012.03.16 14:42:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2011.01.06 22:13:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VDownloader
[2010.11.30 16:13:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VitySoft
[2012.01.15 19:01:20 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\vlc
[2010.04.10 16:33:19 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Vso
[2010.09.12 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010.04.10 16:32:17 | 000,093,696 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ezpinst.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\uninstall.exe
[2011.10.27 06:29:42 | 000,091,128 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Complitly\KeepMeUpdated.exe
[2011.10.27 06:29:42 | 000,091,128 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
[2010.04.22 22:32:33 | 000,029,926 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2011.11.29 15:44:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}\ARPPRODUCTICON.exe
[2011.11.29 15:44:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}\NewShortcut11_7FA9D1C8F94C42BF8A9B50E44F8D7E39.exe
[2011.11.29 15:44:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}\NewShortcut1_7FA9D1C8F94C42BF8A9B50E44F8D7E39.exe
[2010.03.17 16:05:58 | 000,010,134 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM" = "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler -- [2008.09.26 17:19:04 | 000,210,208 | ---- | M] (Acresso Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.02 11:35:02 | 000,000,512 | ---- | M] () MD5=C683C6D82DE4A495721DC91A4377723D -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2001.08.15 05:01:08 | 000,030,054 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\inventor\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2001.08.14 20:01:08 | 000,030,054 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\support\InventorView\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2009.12.17 17:00:52 | 000,003,861 | ---- | M] () -- \Program Files (x86)\Vitware\Word Manager\PicBank\crack.gif
[2010.02.25 19:37:02 | 000,014,024 | ---- | M] () -- \Program Files (x86)\Vitware\Word Manager\SndBank\crack.am.wav
[2011.04.29 11:12:48 | 000,745,071 | ---- | M] () -- \Program Files\KN_StrongDC\Downloads\CATIA\crack.zip
[2011.05.05 13:59:48 | 006,247,740 | ---- | M] () -- \Program Files\KN_StrongDC\Downloads\Dubstep Collection 11\Daladubz - Cracks in the Organ.mp3
[2001.02.09 13:03:12 | 000,000,483 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\crackb.m
[2003.10.21 08:26:04 | 000,002,931 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\crackg.m
[2005.03.07 13:35:58 | 000,000,091 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\ja\crackb.m
[2005.03.07 13:36:00 | 000,000,582 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\ja\crackg.m
[2005.11.26 14:31:50 | 000,000,423 | ---- | M] () -- \Soldat\Scenery-gfx\m_crack2-sk.png
[2005.11.26 16:31:50 | 000,000,670 | ---- | M] () -- \Soldat\Scenery-gfx\m_crack3-sk.png
[2011.04.09 20:06:31 | 000,001,014 | ---- | M] () -- \Soldat\Scenery-gfx\m_crack4-sk.png
[2002.11.02 17:23:36 | 000,017,264 | ---- | M] () -- \Soldat\Sfx\bonecrack.wav
[2002.09.28 19:58:58 | 000,021,094 | ---- | M] () -- \Soldat\Sfx\firecrack.wav
[2011.12.19 18:08:31 | 000,014,454 | ---- | M] () -- \Users\Kuba\AppData\Roaming\uTorrent\EasyRecovery Professional 6.22 Retail Pre-Cracked Software.torrent
[2006.11.28 05:25:56 | 000,034,936 | ---- | M] () -- \Users\Kuba\Desktop\Race\gamedata\Sounds\stonechip_windowcrack.wav
[2010.11.02 19:10:33 | 000,004,526 | ---- | M] () -- \Users\Kuba\Documents\ICQ\209115196\ReceivedFiles\218692988 Jirka Zapletalík\crack matlab 2009.rar
[2001.08.15 05:01:08 | 000,030,054 | ---- | M] () -- \Users\Kuba\Documents\INSTAL INVENTOR 2010\strojarinatvrdadrina64cz2010\Instal\x64\inventor\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2001.08.14 20:01:08 | 000,030,054 | ---- | M] () -- \Users\Kuba\Documents\INSTAL INVENTOR 2010\strojarinatvrdadrina64cz2010\Instal\x64\support\InventorView\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2009.04.18 16:58:08 | 006,372,990 | ---- | M] () -- \Users\Kuba\Documents\Microsoft Office Enterprise Edition 2007\MP3\eminem-crack_a_bottle-(feat-dr_dre_and_50_cent)-(dubcnn).mp3
[2001.08.15 05:01:08 | 000,030,054 | ---- | M] () -- \Users\Public\Documents\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp

< *keygen* /s >
[2007.03.28 18:35:02 | 000,237,056 | ---- | M] () -- \Users\Kuba\Documents\Microsoft Office Enterprise Edition 2007\___---Jak obejít ochranu---___\keygen.exe
[2010.03.17 16:40:09 | 000,000,340 | ---- | M] () -- \Users\user\AppData\Roaming\Microsoft\Windows\Recent\KeygenX64.lnk

Re: whole system freezing

Posted: 02 Apr 2012 11:14
by fazolex
OTL logfile created on: 2.4.2012 11:32:12 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Kuba\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 70,01% Memory free
7,93 Gb Paging File | 6,52 Gb Available in Paging File | 82,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,07 Gb Total Space | 66,07 Gb Free Space | 14,65% Space Free | Partition Type: NTFS

Computer Name: A03-0730A | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.04.02 11:27:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
PRC - [2011.09.08 07:34:42 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009.07.02 02:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.06.25 04:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.06.25 00:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009.06.19 05:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2008.09.26 17:19:04 | 000,210,208 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2009.06.19 05:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.08 07:34:42 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.03.17 16:12:00 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.02.03 15:05:22 | 000,576,000 | ---- | M] (Incentives Pro) [Auto | Running] -- C:\Windows\SysNative\usbredirectorsrv.exe -- (usbredirectorsrv)
SRV:64bit: - [2009.07.17 03:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.02 02:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.06.29 06:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.06.25 12:48:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.03.16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.29 06:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.08.09 13:57:12 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011.08.04 09:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.04.14 16:36:18 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.10 16:32:17 | 000,082,048 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010.02.03 15:05:22 | 000,056,848 | ---- | M] (Incentives Pro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tusbdbus.sys -- (tusbdbus)
DRV:64bit: - [2010.02.03 15:05:22 | 000,046,864 | ---- | M] (Incentives Pro) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\dpnptls.sys -- (dpnptls)
DRV:64bit: - [2010.02.03 15:05:22 | 000,026,768 | ---- | M] (Incentives Pro) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tusbd.sys -- (tusbd)
DRV:64bit: - [2009.07.17 03:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009.07.17 03:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.07.02 16:41:04 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.07.02 16:41:04 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.07.02 16:41:04 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.07.02 16:41:02 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.06.29 06:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.06.26 06:23:30 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.06.25 13:24:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.25 11:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 10:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 10:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.15 21:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.06.10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 23:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2008.02.12 04:59:18 | 000,297,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2008.02.05 02:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV:64bit: - [2008.01.02 13:11:50 | 000,024,848 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\LUMDriver.sys -- (LUMDriver)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@autodesk.com/DWF: c:\Program Files (x86)\Autodesk\Autodesk Design Review Firefox Add-on v1.1\npADRdwf.dll (Autodesk)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2011.09.16 12:50:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.09.16 12:50:10 | 000,000,000 | ---D | M]

[2012.01.20 22:44:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.06 12:01:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Autodesk Design Review Firefox Add-on v1.1 (Enabled) = c:\Program Files (x86)\Autodesk\Autodesk Design Review Firefox Add-on v1.1\npADRdwf.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_1\
CHR - Extension: Gmail = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.29 21:18:33 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Kuba\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Kuba\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - {A29B2641-9931-448A-8DE7-B2D63BDC1812} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe (Acresso Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.191.143 147.229.190.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kn.vutbr.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45545387-24E6-445B-9C85-4325FF447025}: DhcpNameServer = 82.114.192.15 82.114.192.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51A5E0C1-2B79-4F98-93AE-01EADCE9F2B7}: DhcpNameServer = 147.229.191.143 147.229.190.143
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.19 16:40:42 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\SysWow64\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Windows\SysWow64\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.VP60 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\Windows\SysWow64\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.04.02 11:27:03 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2012.03.29 21:31:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.03.29 21:18:45 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.03.28 16:09:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.03.28 16:09:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.03.28 16:09:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.03.28 16:07:55 | 004,448,457 | R--- | C] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe
[2010.04.10 16:32:16 | 000,082,048 | ---- | C] (VSO Software) -- C:\Users\Kuba\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 7 Days ==========

[2012.04.02 11:35:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.02 11:27:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2012.04.02 11:20:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.02 11:20:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.02 11:17:04 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.02 11:17:04 | 000,668,358 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.04.02 11:17:04 | 000,653,060 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.02 11:17:04 | 000,141,062 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.04.02 11:17:04 | 000,121,992 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.02 11:13:00 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012.04.02 11:12:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.02 11:12:31 | 3193,581,568 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.29 21:18:33 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.03.29 21:18:05 | 000,599,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.28 16:08:01 | 004,448,457 | R--- | M] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe
[2012.03.27 16:04:05 | 000,537,681 | ---- | M] () -- C:\Users\Kuba\Desktop\471231_2755804348882_1670921799_1824280_1404778636_o.jpg

========== Files Created - No Company Name ==========

[2012.04.02 11:35:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.29 21:17:50 | 000,599,072 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.28 16:09:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.03.28 16:09:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.03.28 16:09:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.03.28 16:09:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.03.28 16:09:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.03.27 16:04:10 | 000,537,681 | ---- | C] () -- C:\Users\Kuba\Desktop\471231_2755804348882_1670921799_1824280_1404778636_o.jpg
[2011.10.29 19:48:27 | 001,560,580 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.14 18:41:46 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2010.12.19 21:33:08 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2010.05.29 18:29:23 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.04.14 16:52:59 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010.04.14 16:52:59 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2010.04.10 16:32:16 | 000,093,696 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\ezpinst.exe
[2010.04.10 16:32:16 | 000,007,176 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\pcouffin.cat
[2010.04.10 16:32:16 | 000,001,167 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\pcouffin.inf

========== LOP Check ==========

[2010.09.13 19:51:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Astroburn Pro
[2010.11.22 22:16:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Autodesk
[2010.08.07 20:46:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO
[2011.10.29 22:28:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Complitly
[2012.03.16 14:42:55 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2011.08.15 22:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DassaultSystemes
[2010.12.02 00:28:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Driver Smith
[2010.02.14 00:00:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ESET
[2010.09.05 20:46:51 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2012.04.01 22:23:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ICQ
[2012.03.30 12:35:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Microgaming
[2010.04.22 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\proDAD
[2010.04.12 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Publish Providers
[2011.04.08 19:21:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Soldat
[2010.04.12 20:10:20 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sony
[2010.09.23 11:11:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\TeamViewer
[2012.03.16 14:42:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2011.01.06 22:13:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VDownloader
[2010.11.30 16:13:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VitySoft
[2010.04.10 16:33:19 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Vso
[2010.09.12 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Zoner
[2010.03.17 17:32:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Autodesk
[2010.03.17 16:39:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ESET
[2012.02.21 16:39:15 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\04b4e81f21b1ccdb42578b75e069f6b0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\04b4e81f21b1ccdb42578b75e069f6b0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0d1450c9160292dcd400651259990856\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0d1450c9160292dcd400651259990856\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0d9d97f1988625ac4315558d1e5cc127\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0d9d97f1988625ac4315558d1e5cc127\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d2b54cf2fd867a56d5d96bdccd45358d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d2b54cf2fd867a56d5d96bdccd45358d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\dc10ba333d3841bf400c1a49a27e3047\*.tmp files -> C:\Windows\SoftwareDistribution\Download\dc10ba333d3841bf400c1a49a27e3047\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.17 22:28:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Adobe
[2010.03.30 15:11:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ahead
[2010.09.13 19:51:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Astroburn Pro
[2010.02.14 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ATI
[2010.11.22 22:16:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Autodesk
[2010.08.07 20:46:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO
[2011.10.29 22:28:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Complitly
[2010.03.29 12:03:54 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Creative
[2010.03.17 15:04:40 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\CyberLink
[2012.03.16 14:42:55 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2011.08.15 22:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DassaultSystemes
[2012.01.22 19:29:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Digsby
[2010.04.14 16:57:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DivX
[2010.12.02 00:28:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Driver Smith
[2012.01.02 19:28:04 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\dvdcss
[2010.02.14 00:00:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ESET
[2010.09.05 20:46:51 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2012.04.01 22:23:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ICQ
[2010.02.13 23:58:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Identities
[2010.11.21 23:31:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Macromedia
[2011.05.31 21:41:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Macrovision
[2010.11.07 14:47:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MathWorks
[2009.12.02 17:04:03 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Media Center Programs
[2012.03.30 12:35:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Microgaming
[2012.03.15 18:31:28 | 000,000,000 | --SD | M] -- C:\Users\Kuba\AppData\Roaming\Microsoft
[2012.01.20 22:44:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Mozilla
[2012.01.14 15:00:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\NCH Software
[2010.04.22 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\proDAD
[2010.04.12 20:10:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Publish Providers
[2010.07.07 21:27:41 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Real
[2010.04.03 17:34:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Reallusion
[2010.02.14 00:00:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Roxio
[2012.02.14 11:47:04 | 000,000,000 | RH-D | M] -- C:\Users\Kuba\AppData\Roaming\SecuROM
[2012.03.29 16:56:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Skype
[2011.10.10 16:09:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\skypePM
[2011.04.08 19:21:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Soldat
[2010.04.12 20:10:20 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sony
[2010.09.23 11:11:21 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\TeamViewer
[2012.03.16 14:42:37 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2011.01.06 22:13:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VDownloader
[2010.11.30 16:13:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\VitySoft
[2012.01.15 19:01:20 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\vlc
[2010.04.10 16:33:19 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Vso
[2010.09.12 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010.04.10 16:32:17 | 000,093,696 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ezpinst.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\BSplayer PRO\Haali media splitter\uninstall.exe
[2011.10.27 06:29:42 | 000,091,128 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Complitly\KeepMeUpdated.exe
[2011.10.27 06:29:42 | 000,091,128 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
[2010.04.22 22:32:33 | 000,029,926 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2011.11.29 15:44:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}\ARPPRODUCTICON.exe
[2011.11.29 15:44:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}\NewShortcut11_7FA9D1C8F94C42BF8A9B50E44F8D7E39.exe
[2011.11.29 15:44:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}\NewShortcut1_7FA9D1C8F94C42BF8A9B50E44F8D7E39.exe
[2010.03.17 16:05:58 | 000,010,134 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM" = "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler -- [2008.09.26 17:19:04 | 000,210,208 | ---- | M] (Acresso Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.02 11:35:02 | 000,000,512 | ---- | M] () MD5=C683C6D82DE4A495721DC91A4377723D -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2001.08.15 05:01:08 | 000,030,054 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\inventor\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2001.08.14 20:01:08 | 000,030,054 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\support\InventorView\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2009.12.17 17:00:52 | 000,003,861 | ---- | M] () -- \Program Files (x86)\Vitware\Word Manager\PicBank\crack.gif
[2010.02.25 19:37:02 | 000,014,024 | ---- | M] () -- \Program Files (x86)\Vitware\Word Manager\SndBank\crack.am.wav
[2011.04.29 11:12:48 | 000,745,071 | ---- | M] () -- \Program Files\KN_StrongDC\Downloads\CATIA\crack.zip
[2011.05.05 13:59:48 | 006,247,740 | ---- | M] () -- \Program Files\KN_StrongDC\Downloads\Dubstep Collection 11\Daladubz - Cracks in the Organ.mp3
[2001.02.09 13:03:12 | 000,000,483 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\crackb.m
[2003.10.21 08:26:04 | 000,002,931 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\crackg.m
[2005.03.07 13:35:58 | 000,000,091 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\ja\crackb.m
[2005.03.07 13:36:00 | 000,000,582 | ---- | M] () -- \Program Files\MATLAB\R2009b\toolbox\pde\ja\crackg.m
[2005.11.26 14:31:50 | 000,000,423 | ---- | M] () -- \Soldat\Scenery-gfx\m_crack2-sk.png
[2005.11.26 16:31:50 | 000,000,670 | ---- | M] () -- \Soldat\Scenery-gfx\m_crack3-sk.png
[2011.04.09 20:06:31 | 000,001,014 | ---- | M] () -- \Soldat\Scenery-gfx\m_crack4-sk.png
[2002.11.02 17:23:36 | 000,017,264 | ---- | M] () -- \Soldat\Sfx\bonecrack.wav
[2002.09.28 19:58:58 | 000,021,094 | ---- | M] () -- \Soldat\Sfx\firecrack.wav
[2011.12.19 18:08:31 | 000,014,454 | ---- | M] () -- \Users\Kuba\AppData\Roaming\uTorrent\EasyRecovery Professional 6.22 Retail Pre-Cracked Software.torrent
[2006.11.28 05:25:56 | 000,034,936 | ---- | M] () -- \Users\Kuba\Desktop\Race\gamedata\Sounds\stonechip_windowcrack.wav
[2010.11.02 19:10:33 | 000,004,526 | ---- | M] () -- \Users\Kuba\Documents\ICQ\209115196\ReceivedFiles\218692988 Jirka Zapletalík\crack matlab 2009.rar
[2001.08.15 05:01:08 | 000,030,054 | ---- | M] () -- \Users\Kuba\Documents\INSTAL INVENTOR 2010\strojarinatvrdadrina64cz2010\Instal\x64\inventor\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2001.08.14 20:01:08 | 000,030,054 | ---- | M] () -- \Users\Kuba\Documents\INSTAL INVENTOR 2010\strojarinatvrdadrina64cz2010\Instal\x64\support\InventorView\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2009.04.18 16:58:08 | 006,372,990 | ---- | M] () -- \Users\Kuba\Documents\Microsoft Office Enterprise Edition 2007\MP3\eminem-crack_a_bottle-(feat-dr_dre_and_50_cent)-(dubcnn).mp3
[2001.08.15 05:01:08 | 000,030,054 | ---- | M] () -- \Users\Public\Documents\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp

< *keygen* /s >
[2007.03.28 18:35:02 | 000,237,056 | ---- | M] () -- \Users\Kuba\Documents\Microsoft Office Enterprise Edition 2007\___---Jak obejít ochranu---___\keygen.exe
[2010.03.17 16:40:09 | 000,000,340 | ---- | M] () -- \Users\user\AppData\Roaming\Microsoft\Windows\Recent\KeygenX64.lnk

Re: whole system freezing

Posted: 02 Apr 2012 11:16
by fazolex
OTL continued:



< *loader* /s >
[2009.02.04 18:38:46 | 000,032,616 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\acadm\Program Files\Autodesk\Root\AecLoader.arx
[2009.02.13 11:13:06 | 004,777,728 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\client\Program Files\Autodesk\Vault 2010\Autoloader\Explorer\Autoloader.exe
[2009.02.13 05:39:04 | 000,001,278 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\client\Program Files\Autodesk\Vault 2010\Autoloader\Explorer\Autoloader.exe.config
[2009.02.13 05:39:06 | 000,002,821 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\client\Program Files\Autodesk\Vault 2010\Autoloader\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2009.02.13 05:39:06 | 000,005,749 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\client\Program Files\Autodesk\Vault 2010\Autoloader\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2009.02.13 05:39:06 | 000,009,657 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_64bit\x64\client\Program Files\Autodesk\Vault 2010\Autoloader\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl

< End of report >

Re: whole system freezing

Posted: 02 Apr 2012 11:17
by fazolex
OTL Extras logfile created on: 2.4.2012 11:32:12 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Kuba\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 70,01% Memory free
7,93 Gb Paging File | 6,52 Gb Available in Paging File | 82,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,07 Gb Total Space | 66,07 Gb Free Space | 14,65% Space Free | Partition Type: NTFS

Computer Name: A03-0730A | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{144B2F95-E2C6-4317-94E7-0B9B03F133B7}" = Autodesk Inventor Professional 2010
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-8005-0405-0102-0060B0CE6BBA}" = AutoCAD Mechanical 2010
"{5783F2D7-8005-0405-1102-0060B0CE6BBA}" = Jazykový balíček AutoCAD Mechanical 2010 – čeština

"{5783F2D7-8028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2010
"{5783F2D7-9028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2011
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A10E16AC-34A3-4BB9-83A3-408372AE557A}" = ESET NOD32 Antivirus
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{CF1EB598-B424-436A-B15F-B763846BA970}" = Dassault Systemes Software Prerequisites x86-x64
"{E461C0B2-523B-2940-C5DF-D174284CE609}" = ccc-utility64
"{EF90F06A-3B2D-48E3-8C7A-1F2210200476}" = Autodesk Inventor Content Center Libraries 2010 (Desktop Content)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F763AC14-3F26-4161-9567-11D5260AD4FE}" = Autodesk Inventor Professional 2010
"{FB9376AC-5253-42a5-AC0A-D306F32FFAD2}" = USB Redirector
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AutoCAD Mechanical 2010" = AutoCAD Mechanical 2010
"Autodesk Inventor Professional 2010" = Autodesk Inventor Professional 2010 čeština (Czech)
"Canon LBP2900" = Canon LBP2900
"CCleaner" = CCleaner
"Dassault Systemes B19_0" = Dassault Systemes Software B19
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"DWG TrueView 2010" = DWG TrueView 2010
"DWG TrueView 2011" = DWG TrueView 2011
"MatlabR2009b" = MATLAB R2009b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Dell Touchpad

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{03CFDC67-5B03-EE5C-4176-F545B0D2F485}" = CCC Help Korean
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A2AC888-61DC-CD55-5969-8602A7E9716D}" = CCC Help Italian
"{0CF884B6-C6D8-EB7B-D2BF-2877C6F49EBC}" = CCC Help Swedish
"{185CC275-907C-0D83-B0C2-7B065C5108D8}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2ED967AD-FBB0-5355-F5F2-E7A03AAD4F71}" = Catalyst Control Center Localization All
"{30FA0F5C-B1A9-39EB-8148-3D574C0C8332}" = Catalyst Control Center Graphics Previews Common
"{35852FDE-7263-23EA-435F-44E4B61996D0}" = CCC Help Japanese
"{3A07247E-0645-8BCF-8419-FD857790108D}" = Skins
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{445F6C1F-C48F-0CC9-A030-040D3EA42C93}" = Catalyst Control Center Graphics Full New
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{46E08E5F-02B4-E854-CD4F-ED3E4FEBE122}" = CCC Help French
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D8E1ADE-CEA6-4A35-8D73-963F16C40FD3}" = Document Express DjVu Plug-in
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53AFF171-481D-64FA-0DA4-1CA0ABF01029}" = Nero 7 Demo
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A841BCF-1C5B-E3DA-9475-892CA6576425}" = CCC Help Finnish
"{5B8741B6-4BEA-47D3-DB77-959C7FF35B39}" = Catalyst Control Center Graphics Full Existing
"{5FA16D15-FA5B-7F0F-7CBB-369E1E2937C9}" = CCC Help Spanish
"{61F27C5E-5274-0DB8-67CC-5253C6CF2B93}" = CCC Help Dutch
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6625CE8F-6E89-561F-D828-1B8535DEEBB6}" = Catalyst Control Center Core Implementation
"{669A37FF-A446-46F9-8AAE-EEC1988A2ADF}" = Autodesk Design Review Firefox Add-on v1.1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D2CCC4B-007D-EEE7-3E69-578B178A7B91}" = Catalyst Control Center Graphics Previews Vista
"{71E3D92F-2C51-B4E9-F2B6-EAF89C33E580}" = CCC Help Portuguese
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77F218D6-EAF4-402C-36B1-C3F0EC62598D}" = ccc-core-static
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7FA9D1C8-F94C-42BF-8A9B-50E44F8D7E39}" = AeroFly
"{86C527CC-4AF2-903C-7BFF-5975272CC645}" = Catalyst Control Center InstallProxy
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8DDFDDE9-C206-F32E-66AD-D17558D7677E}" = CCC Help German
"{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2A4AC67-DC60-A92B-DD50-65BEE8FA8D71}" = CCC Help Russian
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.733
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7886D87-ADA4-46A0-8A8D-02AB16B9F95A}" = Borland Delphi 6
"{B9C5005C-56CA-38E4-A093-79F22ECA0427}" = CCC Help Norwegian
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{DC93F14E-D2C9-D6D1-31B6-D31AC2AD3BB0}" = Catalyst Control Center Graphics Light
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6E0F53B-B7B8-E052-5C32-76C885536A3E}" = CCC Help Danish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F7FE3C6E-ECB8-0853-584F-BE19BA05B1B8}" = CCC Help Chinese Standard
"{FCC49808-C684-FEFA-3C02-46A04A7C9EBD}" = CCC Help English
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"BSPlayerp" = BS.Player PRO
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"Dell Webcam Central" = Dell Webcam Central
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GotClip" = GotClip Downloader
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.1.0
"Mafia II_is1" = Mafia II
"OpenAL" = OpenAL
"PhotoFiltre" = PhotoFiltre
"Soldat_is1" = Soldat 1.4.2
"Steam App 240" = Counter-Strike: Source
"Switch" = Switch Sound File Converter
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Video Convert Master_is1" = Video Convert Master 8.0.8.24
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.1.4
"WavePad" = WavePad Sound Editor
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"Word Manager" = Word Manager
"ZAV1_is1" = ZAV 4.48 (32bit)
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1597830692-3420299529-3317110022-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23.11.2011 15:28:45 | Computer Name = a03-0730a.kn.vutbr.cz | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\Kuba\Downloads\SoftonicDownloader_for_vdownloader.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error - 25.11.2011 13:08:04 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 26.11.2011 11:44:25 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7600.16768, časové
razítko: 0x4d688122 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695,
časové razítko: 0x4cc7b325 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000515b0
ID
chybujícího procesu: 0x578 Čas spuštění chybující aplikace: 0x01ccac24989ce207 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 83c12d1b-1845-11e1-ac83-8b76c0bc362f

Error - 26.11.2011 12:34:14 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7600.16768, časové
razítko: 0x4d688122 Název chybujícího modulu: SHELL32.dll, verze: 6.1.7600.16644,
časové razítko: 0x4c4ef25d Kód výjimky: 0xc0000005 Posun chyby: 0x000000000006751b
ID
chybujícího procesu: 0x14a4 Čas spuštění chybující aplikace: 0x01ccac5250f3c842 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\system32\SHELL32.dll
ID
zprávy: 79d9c2d1-184c-11e1-ac83-8b76c0bc362f

Error - 26.11.2011 18:46:12 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 27.11.2011 7:06:04 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7600.16768, časové
razítko: 0x4d688122 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695,
časové razítko: 0x4cc7b325 Kód výjimky: 0xc0000420 Posun chyby: 0x00000000000c6ab2
ID
chybujícího procesu: 0xfb0 Čas spuštění chybující aplikace: 0x01ccacea1cfa3b99 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: cc1b7c44-18e7-11e1-82f0-dfbd273ca82f

Error - 28.11.2011 13:02:04 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Application Error | ID = 1000
Description = Název chybující aplikace: explorer.exe, verze: 6.1.7600.16768, časové
razítko: 0x4d688122 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695,
časové razítko: 0x4cc7b325 Kód výjimky: 0xc0000420 Posun chyby: 0x00000000000c6ab2
ID
chybujícího procesu: 0xfac Čas spuštění chybující aplikace: 0x01ccadea57838241 Cesta
k chybující aplikaci: C:\Windows\explorer.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: b1969b22-19e2-11e1-a23c-9285dbcb7f47

Error - 28.11.2011 19:32:00 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 29.11.2011 16:34:37 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 29.11.2011 17:05:13 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WSCommCntr1.exe, verze: 18.0.55.0, časové
razítko: 0x498fdff7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000000000 ID chybujícího
procesu: 0x15d0 Čas spuštění chybující aplikace: 0x01ccaec24505b5fb Cesta k chybující
aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe Cesta k
chybujícímu modulu: unknown ID zprávy: d4435755-1acd-11e1-afff-abab816ccc3b

[ Broadcom Wireless LAN Events ]
Error - 27.1.2012 4:31:21 | Computer Name = a03-0730a.kn.vutbr.cz | Source = WLAN-Tray | ID = 0
Description = 09:31:20, Fri, Jan 27, 12 Error - Unable to gain access to user store


Error - 7.2.2012 10:28:24 | Computer Name = a03-0730a.kn.vutbr.cz | Source = WLAN-Tray | ID = 0
Description = 15:27:42, Tue, Feb 07, 12 Error - Unable to gain access to user store


[ Media Center Events ]
Error - 24.10.2010 17:37:26 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 23:37:26 - Chyba při připojování k Internetu 23:37:26 - Nelze kontaktovat
server..

Error - 24.10.2010 17:37:37 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 23:37:31 - Chyba při připojování k Internetu 23:37:31 - Nelze kontaktovat
server..

Error - 7.11.2010 18:40:22 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 23:40:22 - Chyba při připojování k Internetu 23:40:22 - Nelze kontaktovat
server..

Error - 7.11.2010 18:40:38 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 23:40:28 - Chyba při připojování k Internetu 23:40:28 - Nelze kontaktovat
server..

Error - 2.12.2011 18:03:18 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 23:03:18 - Chyba při připojování k Internetu 23:03:18 - Nelze kontaktovat
server..

Error - 2.12.2011 18:03:30 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 23:03:23 - Chyba při připojování k Internetu 23:03:23 - Nelze kontaktovat
server..

Error - 2.12.2011 19:03:34 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 0:03:34 - Chyba při připojování k Internetu 0:03:34 - Nelze kontaktovat
server..

Error - 2.12.2011 19:03:40 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 0:03:39 - Chyba při připojování k Internetu 0:03:39 - Nelze kontaktovat
server..

Error - 2.12.2011 20:03:45 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 1:03:45 - Chyba při připojování k Internetu 1:03:45 - Nelze kontaktovat
server..

Error - 2.12.2011 20:03:51 | Computer Name = a03-0730a.kn.vutbr.cz | Source = MCUpdate | ID = 0
Description = 1:03:50 - Chyba při připojování k Internetu 1:03:50 - Nelze kontaktovat
server..

[ OSession Events ]
Error - 19.4.2011 13:15:40 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2337
seconds with 420 seconds of active time. This session ended with a crash.

Error - 19.4.2011 16:20:21 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1354
seconds with 0 seconds of active time. This session ended with a crash.

Error - 28.4.2011 7:59:34 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 592
seconds with 420 seconds of active time. This session ended with a crash.

Error - 3.5.2011 8:57:40 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1970
seconds with 360 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 30.3.2012 5:38:47 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Service Control Manager | ID = 7031
Description = Služba Hostitel zařízení UPnP byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error - 30.3.2012 5:38:47 | Computer Name = a03-0730a.kn.vutbr.cz | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby SSDP Discovery, ale tato akce selhala kvůli následující
chybě: %%1056

Error - 30.3.2012 6:05:44 | Computer Name = a03-0730a.kn.vutbr.cz | Source = ACPI | ID = 327693
Description = : Integrovaný řadič neodpověděl během zadaného časového limitu. Může
to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS
přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače
nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit,
že počítač nebude pracovat správně.

Error - 30.3.2012 7:16:38 | Computer Name = a03-0730a.kn.vutbr.cz | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2012 12:00:54 | Computer Name = a03-0730a.kn.vutbr.cz | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2012 12:00:55 | Computer Name = a03-0730a.kn.vutbr.cz | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2012 15:01:23 | Computer Name = a03-0730a.kn.vutbr.cz | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2012 19:01:27 | Computer Name = a03-0730a.kn.vutbr.cz | Source = BTHUSB | ID = 327697
Description = Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit
a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error - 30.3.2012 19:01:34 | Computer Name = a03-0730a.kn.vutbr.cz | Source = ipnathlp | ID = 31004
Description =

Error - 1.4.2012 14:48:33 | Computer Name = a03-0730a.kn.vutbr.cz | Source = ipnathlp | ID = 31004
Description =


< End of report >