Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by kraki at 2012-08-28 16:50:14
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (18%) free of 76 GB
Total RAM: 4094 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:50:22, on 28.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\kraki.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Headup Games] C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 12915 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1980
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe"
"C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe" /p
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControlA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmniboxHeuristic/ConservativeAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=3964.01134000.616152129 /prefetch:3
"C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_12/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControlA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmniboxHeuristic/ConservativeAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3964.08B20000.1452251077 /prefetch:3
"C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll" --lang=cs --channel=3964.0460BE00.245059560 /prefetch:4
C:\Windows\system32\rundll32.exe "C:\Users\kraki\AppData\Local\Google\Chrome\APPLIC~1\160912~1.63\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll" --lang=cs --channel=3964.0B15C700.532282314 --flash-broker=1068 /prefetch:4
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_12/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControlA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmniboxHeuristic/ConservativeAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3964.0A04CC00.958751802 /prefetch:3
"C:\Users\kraki\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheListSize/CacheListSize_12/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControlA/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmniboxHeuristic/ConservativeAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3964.09FED180.2745995 /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"F:\Stahovaní\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-01-16 79240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2011-11-24 336768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-10-06 142288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05 4018888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2011-11-24 57224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-18 8067616]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SmartSoft PDF Printer Agent"=C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe [2011-12-12 52952]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe [2012-01-12 191440]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-06-06 880528]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Headup Games"=C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe [2011-12-26 943211]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-10-25 74752]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2011-11-15 312376]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-06-11 641704]
C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
hamachi.lnk - C:\Program Files (x86)\Hamachi\hamachi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-08-28 16:50:14 ----D---- C:\rsit
2012-08-28 16:50:14 ----D---- C:\Program Files\trend micro
2012-08-25 22:09:36 ----D---- C:\Users\kraki\AppData\Roaming\Minecraft server
2012-08-25 20:16:29 ----D---- C:\Users\kraki\AppData\Roaming\.minecraft
2012-08-22 20:18:16 ----D---- C:\Program Files (x86)\Hamachi
2012-08-22 20:18:16 ----A---- C:\Windows\system32\drivers\hamachi.sys
2012-08-18 19:08:46 ----D---- C:\Windows\SYSWOW64\no
2012-08-15 17:44:19 ----A---- C:\Windows\system32\srcore.dll
2012-08-15 17:44:18 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-15 17:44:16 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 17:44:15 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-15 17:44:15 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 17:44:15 ----A---- C:\Windows\splwow64.exe
2012-08-15 17:44:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-08-15 17:44:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-15 17:44:14 ----A---- C:\Windows\system32\vbscript.dll
2012-08-15 17:44:14 ----A---- C:\Windows\system32\jscript.dll
2012-08-15 17:44:12 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-15 17:44:12 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-15 17:44:12 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 17:44:12 ----A---- C:\Windows\system32\browser.dll
2012-08-15 17:44:12 ----A---- C:\Windows\system32\browcli.dll
2012-08-15 17:44:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-15 17:44:03 ----A---- C:\Windows\system32\mshtml.dll
2012-08-15 17:43:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-15 17:43:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-08-15 17:43:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-15 17:43:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-15 17:43:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-15 17:43:55 ----A---- C:\Windows\system32\wininet.dll
2012-08-15 17:43:55 ----A---- C:\Windows\system32\urlmon.dll
2012-08-15 17:43:55 ----A---- C:\Windows\system32\ieframe.dll
2012-08-15 17:43:54 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-15 17:43:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-15 17:43:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-15 17:43:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-15 17:43:54 ----A---- C:\Windows\system32\url.dll
2012-08-15 17:43:54 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-15 17:43:54 ----A---- C:\Windows\system32\msfeeds.dll
2012-08-15 17:43:54 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-15 17:43:54 ----A---- C:\Windows\system32\ieui.dll
2012-08-15 17:43:54 ----A---- C:\Windows\system32\iertutil.dll
2012-08-15 17:43:41 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 17:43:40 ----A---- C:\Windows\system32\localspl.dll
2012-08-02 19:45:13 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2012-08-02 19:45:13 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2012-08-02 19:45:12 ----D---- C:\Program Files (x86)\BRS
2012-08-02 19:45:11 ----RA---- C:\Windows\SYSWOW64\tmp2F5E.tmp
2012-07-31 20:20:24 ----D---- C:\Program Files (x86)\Rockstar Games
2012-07-31 06:30:22 ----D---- C:\Program Files (x86)\Bing Bar Installer
2012-07-30 20:32:40 ----D---- C:\Users\kraki\AppData\Roaming\Pro Cycling Manager 2012
======List of files/folders modified in the last 1 month======
2012-08-28 16:50:22 ----D---- C:\Windows\Temp
2012-08-28 16:50:14 ----RD---- C:\Program Files
2012-08-28 16:48:33 ----D---- C:\Users\kraki\AppData\Roaming\uTorrent
2012-08-28 16:47:22 ----D---- C:\Users\kraki\AppData\Roaming\Skype
2012-08-28 16:40:57 ----D---- C:\Users\kraki\AppData\Roaming\Hamachi
2012-08-28 14:40:13 ----D---- C:\Windows\system32\config
2012-08-28 14:29:56 ----SHD---- C:\System Volume Information
2012-08-26 19:24:33 ----D---- C:\Program Files (x86)\The KMPlayer
2012-08-25 22:30:17 ----D---- C:\Users\kraki\AppData\Roaming\TS3Client
2012-08-25 22:30:12 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-08-25 15:25:45 ----D---- C:\Windows\System32
2012-08-25 15:25:45 ----D---- C:\Windows\inf
2012-08-25 15:25:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-22 20:18:16 ----RD---- C:\Program Files (x86)
2012-08-22 20:18:16 ----D---- C:\Windows\system32\drivers
2012-08-22 19:59:46 ----SHD---- C:\Windows\Installer
2012-08-19 13:16:12 ----D---- C:\Users\kraki\AppData\Roaming\DAEMON Tools Lite
2012-08-18 19:13:43 ----RSD---- C:\Windows\assembly
2012-08-18 19:13:14 ----D---- C:\Windows
2012-08-18 19:12:08 ----D---- C:\Windows\Logs
2012-08-18 19:08:46 ----D---- C:\Windows\SysWOW64
2012-08-16 15:10:43 ----D---- C:\Windows\winsxs
2012-08-16 15:08:17 ----RSD---- C:\Windows\Fonts
2012-08-16 15:08:17 ----D---- C:\Windows\SYSWOW64\migration
2012-08-16 15:08:17 ----D---- C:\Windows\system32\migration
2012-08-16 15:08:17 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-16 15:08:16 ----D---- C:\Windows\system32\DriverStore
2012-08-16 15:08:16 ----D---- C:\Program Files\Internet Explorer
2012-08-16 14:40:45 ----D---- C:\Windows\system32\catroot
2012-08-16 14:40:19 ----D---- C:\ProgramData\Microsoft Help
2012-08-16 14:33:29 ----D---- C:\Windows\debug
2012-08-16 14:33:22 ----A---- C:\Windows\system32\MRT.exe
2012-08-15 17:43:37 ----D---- C:\Windows\system32\catroot2
2012-08-13 19:37:07 ----D---- C:\Users\kraki\AppData\Roaming\Winamp
2012-08-13 19:11:54 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2012-08-04 02:56:16 ----D---- C:\Windows\rescache
2012-08-02 19:45:11 ----D---- C:\Program Files (x86)\OpenAL
2012-08-02 19:45:11 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-08-02 19:45:11 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-08-02 19:45:11 ----A---- C:\Windows\system32\wrap_oal.dll
2012-08-02 19:45:11 ----A---- C:\Windows\system32\OpenAL32.dll
2012-08-02 19:32:59 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-08-02 19:32:50 ----A---- C:\Windows\SYSWOW64\pbsvc.exe
2012-08-02 19:28:00 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-07-31 20:29:31 ----D---- C:\Windows\system32\NDF
2012-07-31 06:31:13 ----D---- C:\Windows\SYSWOW64\directx
2012-07-29 19:45:24 ----A---- C:\Windows\SYSWOW64\BASSMOD.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-24 279616]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-11-15 125376]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-08-22 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-18 1983264]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-17 201472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-30 236544]
S2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-11-01 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-11-01 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2011-11-01 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-11-01 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SaiHFFB5;SaiHFFB5; C:\Windows\system32\DRIVERS\SaiHFFB5.sys [2007-05-01 171144]
S3 SaiIFFB5;Immersion's HID USB Driver (FFB5); C:\Windows\system32\DRIVERS\SaiIFFB5.sys [2007-05-01 20608]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-11-01 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-11-01 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-11 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2011-09-28 234720]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-01 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2012-08-02 107832]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2012-01-12 191440]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-22 136176]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-22 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-24 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Zdravim a vitam vas u nas na foru 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku[
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
OTL Extras logfile created on: 28.8.2012 21:09:42 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\kraki\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,70% Memory free
8,00 Gb Paging File | 6,32 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 13,22 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 12,29 Gb Free Space | 31,46% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 30,17 Gb Free Space | 20,24% Space Free | Partition Type: NTFS
Drive F: | 426,70 Gb Total Space | 178,10 Gb Free Space | 41,74% Space Free | Partition Type: NTFS
Drive G: | 74,52 Gb Total Space | 42,89 Gb Free Space | 57,55% Space Free | Partition Type: NTFS
Computer Name: KRAKI-PC | User Name: kraki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{267C67CD-8F03-4BC0-B64F-07DCAB1B8400}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{29C7046E-5A48-4B84-8330-D5FC05C1E7E2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{358768E9-31AF-4CD7-90D0-AF57328579BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4D8A58DB-03A5-48AF-929D-55C45AD9542C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{56983F9E-8E5B-406C-A71B-3193B87795A1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57E9700E-5591-4C30-9CD7-4FEB50CDDBF5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5FD2F2D2-D147-4A22-BB44-08118D8DFE7A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{77C5A81E-0D4A-4D9D-AFAF-AB8C6DD9CD92}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78515153-5306-4AA3-A46C-C3DCCD3818D6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{956E77B3-3B15-4F2C-A7CF-7128BEFEBDEE}" = lport=137 | protocol=17 | dir=in | app=system |
"{98A83CC8-C673-4C66-B614-42E592488A22}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A129A20A-5FEE-45B5-9E2D-12A5936B5A47}" = rport=445 | protocol=6 | dir=out | app=system |
"{AF794FF2-D705-4A08-878D-C64BDA980447}" = rport=139 | protocol=6 | dir=out | app=system |
"{B39DFCAC-B983-40B5-861E-27F91B55F04D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA4DE83B-3BB2-45C2-8F32-67179C682949}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA8CA3A0-D601-42CD-AD83-D5222C3710B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BBFB16B7-BA8D-406C-B53A-661D34DC3C4D}" = lport=138 | protocol=17 | dir=in | app=system |
"{BD7BC66C-EE02-45FD-AF72-67F681DFBB73}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF437FA6-CC7B-4C15-A603-CAC4375F88AD}" = rport=137 | protocol=17 | dir=out | app=system |
"{CC176901-56D2-4847-B639-5D9BD1484E9B}" = lport=139 | protocol=6 | dir=in | app=system |
"{D3C802B2-4FA6-46AC-B829-76998A755374}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8B3B4F5-1888-470B-B976-764FDF081477}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E365F106-58FB-4B9E-818B-7CA30E9EC93B}" = rport=138 | protocol=17 | dir=out | app=system |
"{EBD3624D-998B-46B6-8447-B5165680D314}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F846C51D-47D1-45AF-BC69-43ED605C49C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC88739B-2797-43AA-9E37-9DE0B900B904}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0023E502-248A-4B81-905B-4E312B906343}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{00CA4A5F-BCDE-4F28-B23C-2429816CC097}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{00FD02E0-9A89-4F74-83D3-05263299A227}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{06D5011C-45FF-45A9-955C-5A34C21286F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{06DB7395-8B38-450B-8FE2-99D9253D7184}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{087B423A-BBBC-4D52-B9B0-7E425E49736B}" = protocol=6 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\autorun\exe\autorun.exe |
"{1B14FAE0-727D-45F1-916F-FC9D09E86173}" = protocol=17 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\pcm.exe |
"{1F4AE69D-1E19-431D-A060-D924C82F771B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1FEA7711-917D-4260-AB27-D307CBB94D24}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2363567B-5F29-4CD1-A586-E157A277A9D4}" = protocol=17 | dir=in | app=f:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{2592844A-A6FA-467D-90CD-C644C5BF1F9A}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{2A53C250-7660-4CCF-8111-517410D0A440}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CCDBE09-6917-4F6A-8E2A-B30CEC22AD78}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{36AE10B0-F8B3-4B9B-A154-96FBE2D1732D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"{3C82DDCD-E928-481C-8379-0C3A3BF3E504}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42B67AC2-1431-43B5-9F07-CF7EDD83FCA8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4AC9839E-CD6A-4324-852E-4B0F5FC531FE}" = protocol=6 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{4BD3B864-F65B-4C8D-AD96-CF7E3603B01D}" = protocol=6 | dir=in | app=f:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{5647AF4F-DD42-4BD4-AE1F-03ABE5F8BD43}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5A17973D-139D-4750-B582-108AEBA0E2BB}" = protocol=17 | dir=in | app=f:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{5FC6E142-5824-4DF5-9625-0FA154ED6CE6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{601CFEA0-0B56-4C54-B344-55FDC63A55A1}" = protocol=17 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{60AD8189-CF23-40EB-ADE3-96E499C6894A}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{617C9386-B66C-4965-8353-93B2E6E97DC4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6B6CAEF2-77B6-4619-8504-2C26DF353B76}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{71AF195C-0BC8-47C7-82CA-AE7C19E59D3A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7208D09E-75E4-43BC-BA0E-550595E0F554}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76E01015-72F4-4CCC-B7E0-074A566A060D}" = protocol=17 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\autorun\exe\autorun.exe |
"{7906DED7-F35F-4F39-94DA-8ED1EE0FBFC8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7A81EFFC-39B9-4518-8CB0-E8FD849F0CD8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{814A55F5-A6FB-4736-ABD6-F95648B9895B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8199B1B3-EE22-4AC4-8A99-60DECFB2F6F5}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{824FF5CF-F975-4478-92AA-CB0FCDC25F40}" = protocol=17 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{82BAD64E-1EAA-45F6-B1A0-7F29E0CFA877}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{84F1178B-4682-4C15-82E4-D2B6FE0D6F20}" = protocol=6 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\pcm.exe |
"{86C94A27-12E0-49C5-9C3E-A176303975DB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{87BE80C3-F52C-4958-98C8-84004EA7100E}" = protocol=6 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{8B96FF7D-0179-4B9C-9BAB-12296F792369}" = protocol=6 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{96DAC9FD-CE08-456A-BE43-CA43E7F7D955}" = protocol=17 | dir=in | app=f:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{A01C6289-F8A7-4714-A695-CF942F16F66F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{A4A4A852-D794-42D6-9046-A1EC88B1EAD3}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{A5FFAEE1-8EC8-434D-9E9F-99EE1946F68D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{ADC0009C-2796-4154-8FDF-7022E0D16222}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AE7E858B-1571-4DD1-9C01-BCD71DA41650}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B44ACE6B-9B5E-49CE-A3C7-20645D6A2606}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{B57E0718-AB1B-4F0E-970D-E4B5DBC989F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8A1D3BE-3216-4D1C-BC22-CDCE64C90848}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C1587756-66E8-4093-9DF3-FDC36D252FAD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C3AA0E67-4502-45A4-AF38-959FA56C6290}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C684B34A-CA54-4F80-8DC9-D296F6EBAC0F}" = protocol=6 | dir=in | app=f:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{CCBE5A4A-77C0-42DC-92BA-5E4F4DC1C304}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CF7966D8-8C7A-4B11-A8E6-004FB77059C7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D56B3443-ED10-4A7B-A939-D8848F80645F}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{D6CD2602-F717-4A23-BE6B-8724490925C0}" = dir=in | app=c:\users\kraki\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{DDB28CAE-FB66-4012-8042-6A80614EE985}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{E261FDE7-0D81-4084-A24D-FBBAAFF6CFFA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E43E97E3-9137-463F-BD8B-8B4E0F1F6DBE}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E7024D67-677A-4416-9A52-4AD8C4119096}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7E7DE56-BD9F-4412-B838-9932C08EB082}" = protocol=6 | dir=out | app=system |
"{E93194A7-DB1B-4A52-AFF7-EDE52440AF3A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9925DAC-57E5-484F-8AAE-F7B9DDFF5071}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EAF6E305-4F43-42D6-BAA3-D7802BE95ED2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EF8001E0-25C0-4964-8692-5B1F60876C54}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{F2B20CAF-3F74-4EE5-B491-9D0856F5F312}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"{F3941C66-2C0F-43BB-B87B-69CA3D7AE51F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F3C4D7E6-E3DF-4F5E-858A-C00725B71D0E}" = protocol=6 | dir=in | app=f:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{F532F4B5-A665-4ECB-8E90-FE64C7FAE0D8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{F6215979-72B1-4781-9820-706C83E839D4}" = protocol=17 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{F954BB2D-3085-4785-A2D2-4353C71B1947}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{FD8E97C9-6C86-480B-B88D-6687CB7F0843}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{320E208B-B8CD-4004-82CB-495F9D037BE4}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"TCP Query User{394B9D47-0AB8-4328-B514-2D2856724071}C:\users\kraki\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\kraki\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{6CC2404D-B7A0-40BF-9263-B6DADD9B3635}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{7CC4F3E3-8D7C-4B85-8E9C-8DD053C3EFBA}F:\program files\xplane\x-plane 9\x-plane.exe" = protocol=6 | dir=in | app=f:\program files\xplane\x-plane 9\x-plane.exe |
"TCP Query User{A03E5861-8200-496C-88C8-30C56EE8F81B}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{0DB83546-3BA5-4CD1-90AF-4051E2C4F3BC}F:\program files\xplane\x-plane 9\x-plane.exe" = protocol=17 | dir=in | app=f:\program files\xplane\x-plane 9\x-plane.exe |
"UDP Query User{3223D51B-78A5-4590-AA1A-4156E09171D7}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{33EE7ED2-D471-45A9-B6C6-5A5009E414E3}C:\users\kraki\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\kraki\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{70ECF90C-557B-4A6D-9325-AC204C8A915E}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{B0AACD11-8226-4265-9C16-F7B75C4B5DF4}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417000F0}" = Java(TM) 7 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{44B4F244-5B4D-856E-B3A6-E8DDBDC7F127}" = AMD Fuel
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{59B69525-1383-C84A-38EF-F442B63E69BC}" = AMD Media Foundation Decoders
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EPSON Printer and Utilities" = Software tiskárny EPSON
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PCSU-SL_is1" = Zrychleni Pocitace - Kompletně odinstalovat
"Smart PDF Creator Pro_is1" = Smart PDF Creator Pro 6.3.0.467
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02480932-C787-4634-9FF6-483EC2E3FB16}" = MUD - FIM Motocross World Championship
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = ToCA Race Driver 3
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12
"{05997FF8-244D-474F-89C1-42B4F734B578}" = Real Environment Xtreme for X-Plane
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{12A00DC2-1226-D9F2-13DA-F974111D439E}" = AMD VISION Engine Control Center
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{32B08666-1587-435D-988C-7958A04B218A}_is1" = OMSI Addon Manager version 1.2.4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}" = Google SketchUp 8
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{48E15C9C-E25C-40AD-A46B-AB270729B9B9}" = Google SketchUp Pro 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CFCC6FD-AEA2-4208-99A6-45CBF9DFFD82}" = Real Environment Xtreme
"{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65B09E79-0187-4813-8258-03991132E5A5}" = Empire Earth
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{6D87CAD9-9B94-4421-A439-B25F8DE14575}" = Tom Clancy's Ghost Recon Future Soldier
"{6E5AB107-172B-4F17-8ABB-357C59EF1B08}" = Vegas Pro 9.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{878D2EB2-2D55-42A9-955E-1E08F28529FD}" = Sony Media Manager 2.2
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CD8F50C-E8AA-443A-BAA0-31D47C709872}" = Counter-Strike Source
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{9F2DE2C2-3AD1-4EAF-86F4-F5913AB2AE38}_is1" = River-Simulator 2012 Version 1.11
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A10D72B9-9B20-47F8-AE4D-365BCC89F324}" = Empire Earth - The Art of Conquest
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A56A64FE-1400-4052-A74F-5FDF89B9848C}" = Minecraft
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A97F28B2-3BA1-49B7-AEF6-CC8956ED8CAA}" = Nokia PC Suite
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C581F6DC-F91B-49A0-A317-F025F2641D55}" = SBK(tm) Generations
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1F1E4D2-D2D3-4391-92EF-F63A79A67B36}" = MUD - FIM Motocross World Championship
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFB951D6-4270-42D8-B4B7-AA4B01911DC3}" = Sony Vegas 7.0
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
"{EE294FE5-68E1-BC8D-1758-9E19AA6C9609}" = INFINITUM
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aerofly FS_is1" = aerofly FS
"ArmA 2" = ArmA 2 Free Uninstall
"ASM_Laguna_is1" = The Amazing Spider-Man
"aTube Catcher" = aTube Catcher
"BattlEye for OA" = BattlEye for OA Uninstall
"Borderlands_is1" = Borderlands
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ConBuilder" = ConBuilder
"Cyklotrasy 2.27" = Cyklotrasy 2.27
"DAEMON Tools Lite" = DAEMON Tools Lite
"Emergency Ambulance Simulator" = Emergency Ambulance Simulator
"eu.allodium.INFINITUM" = INFINITUM
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"Just Cause 2 1.20" = Just Cause 2 1.20
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.9.0
"L.A Noire_is1" = L.A. Noire Update v1.3.2613
"Mafia II Digital Deluxe Update 4 - SKIDROW" = Mafia II Digital Deluxe Update 4 - SKIDROW
"Minecraft Cracked" = Minecraft Cracked
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"Pro Cycling Manager 2012_is1" = Pro Cycling Manager - Season 2012 version 1.2.0.0
"PunkBusterSvc" = PunkBuster Services
"Renault Karosa Citybus 12M" = Renault Karosa Citybus 12M
"SeriousSam2" = Serious Sam 2
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Train Simulator 1.0" = Microsoft Train Simulator
"Train Store (Czech Language Pack)" = Train Store (Czech Language Pack)
"Train Store V3.2" = Train Store V3.2
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Carenado's C SKYLANE II RG R182" = Carenado's C SKYLANE II RG R182
"Carenado's SKYLANE C182Q FSX" = Carenado's SKYLANE C182Q FSX
"ČD 363033 Relay" = ČD 363033 Relay
"Google Chrome" = Google Chrome
"QIP 2012" = QIP 2012 4.0.7102
"QipGuard" = QIP Internet Guardian
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9.7.2012 15:47:37 | Computer Name = kraki-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TRAIN.EXE, verze: 1.16.5.912, časové razítko:
0x3c1625d7 Název chybujícího modulu: TRAIN.EXE, verze: 1.16.5.912, časové razítko:
0x3c1625d7 Kód výjimky: 0xc0000005 Posun chyby: 0x001a7374 ID chybujícího procesu:
0x1f04 Čas spuštění chybující aplikace: 0x01cd5e0a7ad82d76 Cesta k chybující aplikaci:
F:\Program Files (x86)\Microsoft Games\Train Simulator\TRAIN.EXE Cesta k chybujícímu
modulu: F:\Program Files (x86)\Microsoft Games\Train Simulator\TRAIN.EXE ID zprávy:
eead884d-c9fe-11e1-b854-6cf049799684
Error - 15.7.2012 16:01:03 | Computer Name = kraki-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DCS.exe, verze: 1.0.0.0, časové razítko:
0x48f5b977 Název chybujícího modulu: DXRenderer.dll, verze: 0.0.0.0, časové razítko:
0x4933f3bb Kód výjimky: 0xc0000005 Posun chyby: 0x0002bd77 ID chybujícího procesu:
0x1428 Čas spuštění chybující aplikace: 0x01cd62c46248f26d Cesta k chybující aplikaci:
f:\Program Files (x86)\Eagle Dynamics\Ka-50\bin\stable\DCS.exe Cesta k chybujícímu
modulu: f:\Program Files (x86)\Eagle Dynamics\Ka-50\bin\stable\DXRenderer.dll ID
zprávy: cd882c2a-ceb7-11e1-8bd6-6cf049799684
Error - 23.7.2012 14:07:38 | Computer Name = kraki-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 28.7.2012 4:59:22 | Computer Name = kraki-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ArmA2OA.exe, verze: 1.62.95.248, časové
razítko: 0x500d59cb Název chybujícího modulu: ArmA2OA.exe, verze: 1.62.95.248, časové
razítko: 0x500d59cb Kód výjimky: 0xc0000005 Posun chyby: 0x002a2063 ID chybujícího
procesu: 0x2cf4 Čas spuštění chybující aplikace: 0x01cd6c9dff1af766 Cesta k chybující
aplikaci: f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
Cesta
k chybujícímu modulu: f:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe ID zprávy: 857dbd08-d892-11e1-9f62-6cf049799684
Error - 3.8.2012 12:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 3.8.2012 15:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 3.8.2012 18:25:16 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 3.8.2012 20:54:42 | Computer Name = kraki-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 3.8.2012 21:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 4.8.2012 0:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
[ Media Center Events ]
Error - 22.2.2012 4:47:25 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:47:25 - Načtení položky Directory se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)
Error - 22.2.2012 4:48:24 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:48:16 - Chyba při připojování k Internetu 9:48:16 - Nelze kontaktovat
server..
Error - 3.3.2012 1:25:46 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 6:25:46 - Chyba při připojování k Internetu 6:25:46 - Nelze kontaktovat
server..
Error - 3.3.2012 1:25:57 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 6:25:51 - Chyba při připojování k Internetu 6:25:51 - Nelze kontaktovat
server..
Error - 3.3.2012 2:29:56 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 7:29:56 - Chyba při připojování k Internetu 7:29:56 - Nelze kontaktovat
server..
Error - 3.3.2012 2:30:02 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 7:30:01 - Chyba při připojování k Internetu 7:30:01 - Nelze kontaktovat
server..
Error - 3.3.2012 3:30:10 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 8:30:10 - Chyba při připojování k Internetu 8:30:10 - Nelze kontaktovat
server..
Error - 3.3.2012 3:30:16 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 8:30:15 - Chyba při připojování k Internetu 8:30:15 - Nelze kontaktovat
server..
Error - 3.3.2012 4:30:22 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:30:22 - Chyba při připojování k Internetu 9:30:22 - Nelze kontaktovat
server..
Error - 3.3.2012 4:30:29 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:30:28 - Chyba při připojování k Internetu 9:30:28 - Nelze kontaktovat
server..
[ System Events ]
Error - 29.5.2012 3:04:19 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 3:05:05 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 3:06:28 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 3:06:55 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 7:01:19 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 7:01:46 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 14:06:50 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 14:06:58 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 14:21:28 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 14:32:13 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
< End of report >
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\kraki\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,70% Memory free
8,00 Gb Paging File | 6,32 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 13,22 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 12,29 Gb Free Space | 31,46% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 30,17 Gb Free Space | 20,24% Space Free | Partition Type: NTFS
Drive F: | 426,70 Gb Total Space | 178,10 Gb Free Space | 41,74% Space Free | Partition Type: NTFS
Drive G: | 74,52 Gb Total Space | 42,89 Gb Free Space | 57,55% Space Free | Partition Type: NTFS
Computer Name: KRAKI-PC | User Name: kraki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{267C67CD-8F03-4BC0-B64F-07DCAB1B8400}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{29C7046E-5A48-4B84-8330-D5FC05C1E7E2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{358768E9-31AF-4CD7-90D0-AF57328579BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4D8A58DB-03A5-48AF-929D-55C45AD9542C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{56983F9E-8E5B-406C-A71B-3193B87795A1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57E9700E-5591-4C30-9CD7-4FEB50CDDBF5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5FD2F2D2-D147-4A22-BB44-08118D8DFE7A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{77C5A81E-0D4A-4D9D-AFAF-AB8C6DD9CD92}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78515153-5306-4AA3-A46C-C3DCCD3818D6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{956E77B3-3B15-4F2C-A7CF-7128BEFEBDEE}" = lport=137 | protocol=17 | dir=in | app=system |
"{98A83CC8-C673-4C66-B614-42E592488A22}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A129A20A-5FEE-45B5-9E2D-12A5936B5A47}" = rport=445 | protocol=6 | dir=out | app=system |
"{AF794FF2-D705-4A08-878D-C64BDA980447}" = rport=139 | protocol=6 | dir=out | app=system |
"{B39DFCAC-B983-40B5-861E-27F91B55F04D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA4DE83B-3BB2-45C2-8F32-67179C682949}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA8CA3A0-D601-42CD-AD83-D5222C3710B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BBFB16B7-BA8D-406C-B53A-661D34DC3C4D}" = lport=138 | protocol=17 | dir=in | app=system |
"{BD7BC66C-EE02-45FD-AF72-67F681DFBB73}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF437FA6-CC7B-4C15-A603-CAC4375F88AD}" = rport=137 | protocol=17 | dir=out | app=system |
"{CC176901-56D2-4847-B639-5D9BD1484E9B}" = lport=139 | protocol=6 | dir=in | app=system |
"{D3C802B2-4FA6-46AC-B829-76998A755374}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8B3B4F5-1888-470B-B976-764FDF081477}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E365F106-58FB-4B9E-818B-7CA30E9EC93B}" = rport=138 | protocol=17 | dir=out | app=system |
"{EBD3624D-998B-46B6-8447-B5165680D314}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F846C51D-47D1-45AF-BC69-43ED605C49C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC88739B-2797-43AA-9E37-9DE0B900B904}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0023E502-248A-4B81-905B-4E312B906343}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{00CA4A5F-BCDE-4F28-B23C-2429816CC097}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{00FD02E0-9A89-4F74-83D3-05263299A227}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{06D5011C-45FF-45A9-955C-5A34C21286F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{06DB7395-8B38-450B-8FE2-99D9253D7184}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{087B423A-BBBC-4D52-B9B0-7E425E49736B}" = protocol=6 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\autorun\exe\autorun.exe |
"{1B14FAE0-727D-45F1-916F-FC9D09E86173}" = protocol=17 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\pcm.exe |
"{1F4AE69D-1E19-431D-A060-D924C82F771B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1FEA7711-917D-4260-AB27-D307CBB94D24}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2363567B-5F29-4CD1-A586-E157A277A9D4}" = protocol=17 | dir=in | app=f:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{2592844A-A6FA-467D-90CD-C644C5BF1F9A}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{2A53C250-7660-4CCF-8111-517410D0A440}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CCDBE09-6917-4F6A-8E2A-B30CEC22AD78}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{36AE10B0-F8B3-4B9B-A154-96FBE2D1732D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"{3C82DDCD-E928-481C-8379-0C3A3BF3E504}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42B67AC2-1431-43B5-9F07-CF7EDD83FCA8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4AC9839E-CD6A-4324-852E-4B0F5FC531FE}" = protocol=6 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{4BD3B864-F65B-4C8D-AD96-CF7E3603B01D}" = protocol=6 | dir=in | app=f:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{5647AF4F-DD42-4BD4-AE1F-03ABE5F8BD43}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5A17973D-139D-4750-B582-108AEBA0E2BB}" = protocol=17 | dir=in | app=f:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{5FC6E142-5824-4DF5-9625-0FA154ED6CE6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{601CFEA0-0B56-4C54-B344-55FDC63A55A1}" = protocol=17 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{60AD8189-CF23-40EB-ADE3-96E499C6894A}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{617C9386-B66C-4965-8353-93B2E6E97DC4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6B6CAEF2-77B6-4619-8504-2C26DF353B76}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{71AF195C-0BC8-47C7-82CA-AE7C19E59D3A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7208D09E-75E4-43BC-BA0E-550595E0F554}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76E01015-72F4-4CCC-B7E0-074A566A060D}" = protocol=17 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\autorun\exe\autorun.exe |
"{7906DED7-F35F-4F39-94DA-8ED1EE0FBFC8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7A81EFFC-39B9-4518-8CB0-E8FD849F0CD8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{814A55F5-A6FB-4736-ABD6-F95648B9895B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8199B1B3-EE22-4AC4-8A99-60DECFB2F6F5}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{824FF5CF-F975-4478-92AA-CB0FCDC25F40}" = protocol=17 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{82BAD64E-1EAA-45F6-B1A0-7F29E0CFA877}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{84F1178B-4682-4C15-82E4-D2B6FE0D6F20}" = protocol=6 | dir=in | app=f:\program files (x86)\cyanide\pro cycling manager - season 2012\pcm.exe |
"{86C94A27-12E0-49C5-9C3E-A176303975DB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{87BE80C3-F52C-4958-98C8-84004EA7100E}" = protocol=6 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{8B96FF7D-0179-4B9C-9BAB-12296F792369}" = protocol=6 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{96DAC9FD-CE08-456A-BE43-CA43E7F7D955}" = protocol=17 | dir=in | app=f:\program files (x86)\bohemia interactive\arma 2 free\arma2free.exe |
"{A01C6289-F8A7-4714-A695-CF942F16F66F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{A4A4A852-D794-42D6-9046-A1EC88B1EAD3}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{A5FFAEE1-8EC8-434D-9E9F-99EE1946F68D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{ADC0009C-2796-4154-8FDF-7022E0D16222}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AE7E858B-1571-4DD1-9C01-BCD71DA41650}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B44ACE6B-9B5E-49CE-A3C7-20645D6A2606}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{B57E0718-AB1B-4F0E-970D-E4B5DBC989F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8A1D3BE-3216-4D1C-BC22-CDCE64C90848}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C1587756-66E8-4093-9DF3-FDC36D252FAD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C3AA0E67-4502-45A4-AF38-959FA56C6290}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C684B34A-CA54-4F80-8DC9-D296F6EBAC0F}" = protocol=6 | dir=in | app=f:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{CCBE5A4A-77C0-42DC-92BA-5E4F4DC1C304}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CF7966D8-8C7A-4B11-A8E6-004FB77059C7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D56B3443-ED10-4A7B-A939-D8848F80645F}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{D6CD2602-F717-4A23-BE6B-8724490925C0}" = dir=in | app=c:\users\kraki\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{DDB28CAE-FB66-4012-8042-6A80614EE985}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{E261FDE7-0D81-4084-A24D-FBBAAFF6CFFA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E43E97E3-9137-463F-BD8B-8B4E0F1F6DBE}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E7024D67-677A-4416-9A52-4AD8C4119096}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7E7DE56-BD9F-4412-B838-9932C08EB082}" = protocol=6 | dir=out | app=system |
"{E93194A7-DB1B-4A52-AFF7-EDE52440AF3A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9925DAC-57E5-484F-8AAE-F7B9DDFF5071}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EAF6E305-4F43-42D6-BAA3-D7802BE95ED2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EF8001E0-25C0-4964-8692-5B1F60876C54}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{F2B20CAF-3F74-4EE5-B491-9D0856F5F312}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"{F3941C66-2C0F-43BB-B87B-69CA3D7AE51F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F3C4D7E6-E3DF-4F5E-858A-C00725B71D0E}" = protocol=6 | dir=in | app=f:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{F532F4B5-A665-4ECB-8E90-FE64C7FAE0D8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{F6215979-72B1-4781-9820-706C83E839D4}" = protocol=17 | dir=in | app=f:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{F954BB2D-3085-4785-A2D2-4353C71B1947}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{FD8E97C9-6C86-480B-B88D-6687CB7F0843}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{320E208B-B8CD-4004-82CB-495F9D037BE4}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"TCP Query User{394B9D47-0AB8-4328-B514-2D2856724071}C:\users\kraki\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\kraki\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{6CC2404D-B7A0-40BF-9263-B6DADD9B3635}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{7CC4F3E3-8D7C-4B85-8E9C-8DD053C3EFBA}F:\program files\xplane\x-plane 9\x-plane.exe" = protocol=6 | dir=in | app=f:\program files\xplane\x-plane 9\x-plane.exe |
"TCP Query User{A03E5861-8200-496C-88C8-30C56EE8F81B}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{0DB83546-3BA5-4CD1-90AF-4051E2C4F3BC}F:\program files\xplane\x-plane 9\x-plane.exe" = protocol=17 | dir=in | app=f:\program files\xplane\x-plane 9\x-plane.exe |
"UDP Query User{3223D51B-78A5-4590-AA1A-4156E09171D7}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{33EE7ED2-D471-45A9-B6C6-5A5009E414E3}C:\users\kraki\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\kraki\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{70ECF90C-557B-4A6D-9325-AC204C8A915E}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{B0AACD11-8226-4265-9C16-F7B75C4B5DF4}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417000F0}" = Java(TM) 7 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{44B4F244-5B4D-856E-B3A6-E8DDBDC7F127}" = AMD Fuel
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{59B69525-1383-C84A-38EF-F442B63E69BC}" = AMD Media Foundation Decoders
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EPSON Printer and Utilities" = Software tiskárny EPSON
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PCSU-SL_is1" = Zrychleni Pocitace - Kompletně odinstalovat
"Smart PDF Creator Pro_is1" = Smart PDF Creator Pro 6.3.0.467
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02480932-C787-4634-9FF6-483EC2E3FB16}" = MUD - FIM Motocross World Championship
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = ToCA Race Driver 3
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12
"{05997FF8-244D-474F-89C1-42B4F734B578}" = Real Environment Xtreme for X-Plane
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{12A00DC2-1226-D9F2-13DA-F974111D439E}" = AMD VISION Engine Control Center
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{32B08666-1587-435D-988C-7958A04B218A}_is1" = OMSI Addon Manager version 1.2.4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}" = Google SketchUp 8
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{48E15C9C-E25C-40AD-A46B-AB270729B9B9}" = Google SketchUp Pro 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CFCC6FD-AEA2-4208-99A6-45CBF9DFFD82}" = Real Environment Xtreme
"{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65B09E79-0187-4813-8258-03991132E5A5}" = Empire Earth
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{6D87CAD9-9B94-4421-A439-B25F8DE14575}" = Tom Clancy's Ghost Recon Future Soldier
"{6E5AB107-172B-4F17-8ABB-357C59EF1B08}" = Vegas Pro 9.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{878D2EB2-2D55-42A9-955E-1E08F28529FD}" = Sony Media Manager 2.2
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CD8F50C-E8AA-443A-BAA0-31D47C709872}" = Counter-Strike Source
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{9F2DE2C2-3AD1-4EAF-86F4-F5913AB2AE38}_is1" = River-Simulator 2012 Version 1.11
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A10D72B9-9B20-47F8-AE4D-365BCC89F324}" = Empire Earth - The Art of Conquest
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A56A64FE-1400-4052-A74F-5FDF89B9848C}" = Minecraft
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A97F28B2-3BA1-49B7-AEF6-CC8956ED8CAA}" = Nokia PC Suite
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C581F6DC-F91B-49A0-A317-F025F2641D55}" = SBK(tm) Generations
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1F1E4D2-D2D3-4391-92EF-F63A79A67B36}" = MUD - FIM Motocross World Championship
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFB951D6-4270-42D8-B4B7-AA4B01911DC3}" = Sony Vegas 7.0
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
"{EE294FE5-68E1-BC8D-1758-9E19AA6C9609}" = INFINITUM
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aerofly FS_is1" = aerofly FS
"ArmA 2" = ArmA 2 Free Uninstall
"ASM_Laguna_is1" = The Amazing Spider-Man
"aTube Catcher" = aTube Catcher
"BattlEye for OA" = BattlEye for OA Uninstall
"Borderlands_is1" = Borderlands
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ConBuilder" = ConBuilder
"Cyklotrasy 2.27" = Cyklotrasy 2.27
"DAEMON Tools Lite" = DAEMON Tools Lite
"Emergency Ambulance Simulator" = Emergency Ambulance Simulator
"eu.allodium.INFINITUM" = INFINITUM
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"Just Cause 2 1.20" = Just Cause 2 1.20
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.9.0
"L.A Noire_is1" = L.A. Noire Update v1.3.2613
"Mafia II Digital Deluxe Update 4 - SKIDROW" = Mafia II Digital Deluxe Update 4 - SKIDROW
"Minecraft Cracked" = Minecraft Cracked
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"Pro Cycling Manager 2012_is1" = Pro Cycling Manager - Season 2012 version 1.2.0.0
"PunkBusterSvc" = PunkBuster Services
"Renault Karosa Citybus 12M" = Renault Karosa Citybus 12M
"SeriousSam2" = Serious Sam 2
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Train Simulator 1.0" = Microsoft Train Simulator
"Train Store (Czech Language Pack)" = Train Store (Czech Language Pack)
"Train Store V3.2" = Train Store V3.2
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Carenado's C SKYLANE II RG R182" = Carenado's C SKYLANE II RG R182
"Carenado's SKYLANE C182Q FSX" = Carenado's SKYLANE C182Q FSX
"ČD 363033 Relay" = ČD 363033 Relay
"Google Chrome" = Google Chrome
"QIP 2012" = QIP 2012 4.0.7102
"QipGuard" = QIP Internet Guardian
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9.7.2012 15:47:37 | Computer Name = kraki-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TRAIN.EXE, verze: 1.16.5.912, časové razítko:
0x3c1625d7 Název chybujícího modulu: TRAIN.EXE, verze: 1.16.5.912, časové razítko:
0x3c1625d7 Kód výjimky: 0xc0000005 Posun chyby: 0x001a7374 ID chybujícího procesu:
0x1f04 Čas spuštění chybující aplikace: 0x01cd5e0a7ad82d76 Cesta k chybující aplikaci:
F:\Program Files (x86)\Microsoft Games\Train Simulator\TRAIN.EXE Cesta k chybujícímu
modulu: F:\Program Files (x86)\Microsoft Games\Train Simulator\TRAIN.EXE ID zprávy:
eead884d-c9fe-11e1-b854-6cf049799684
Error - 15.7.2012 16:01:03 | Computer Name = kraki-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DCS.exe, verze: 1.0.0.0, časové razítko:
0x48f5b977 Název chybujícího modulu: DXRenderer.dll, verze: 0.0.0.0, časové razítko:
0x4933f3bb Kód výjimky: 0xc0000005 Posun chyby: 0x0002bd77 ID chybujícího procesu:
0x1428 Čas spuštění chybující aplikace: 0x01cd62c46248f26d Cesta k chybující aplikaci:
f:\Program Files (x86)\Eagle Dynamics\Ka-50\bin\stable\DCS.exe Cesta k chybujícímu
modulu: f:\Program Files (x86)\Eagle Dynamics\Ka-50\bin\stable\DXRenderer.dll ID
zprávy: cd882c2a-ceb7-11e1-8bd6-6cf049799684
Error - 23.7.2012 14:07:38 | Computer Name = kraki-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 28.7.2012 4:59:22 | Computer Name = kraki-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ArmA2OA.exe, verze: 1.62.95.248, časové
razítko: 0x500d59cb Název chybujícího modulu: ArmA2OA.exe, verze: 1.62.95.248, časové
razítko: 0x500d59cb Kód výjimky: 0xc0000005 Posun chyby: 0x002a2063 ID chybujícího
procesu: 0x2cf4 Čas spuštění chybující aplikace: 0x01cd6c9dff1af766 Cesta k chybující
aplikaci: f:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
Cesta
k chybujícímu modulu: f:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe ID zprávy: 857dbd08-d892-11e1-9f62-6cf049799684
Error - 3.8.2012 12:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 3.8.2012 15:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 3.8.2012 18:25:16 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 3.8.2012 20:54:42 | Computer Name = kraki-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 3.8.2012 21:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
Error - 4.8.2012 0:25:15 | Computer Name = kraki-PC | Source = Google Update | ID = 20
Description =
[ Media Center Events ]
Error - 22.2.2012 4:47:25 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:47:25 - Načtení položky Directory se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)
Error - 22.2.2012 4:48:24 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:48:16 - Chyba při připojování k Internetu 9:48:16 - Nelze kontaktovat
server..
Error - 3.3.2012 1:25:46 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 6:25:46 - Chyba při připojování k Internetu 6:25:46 - Nelze kontaktovat
server..
Error - 3.3.2012 1:25:57 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 6:25:51 - Chyba při připojování k Internetu 6:25:51 - Nelze kontaktovat
server..
Error - 3.3.2012 2:29:56 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 7:29:56 - Chyba při připojování k Internetu 7:29:56 - Nelze kontaktovat
server..
Error - 3.3.2012 2:30:02 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 7:30:01 - Chyba při připojování k Internetu 7:30:01 - Nelze kontaktovat
server..
Error - 3.3.2012 3:30:10 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 8:30:10 - Chyba při připojování k Internetu 8:30:10 - Nelze kontaktovat
server..
Error - 3.3.2012 3:30:16 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 8:30:15 - Chyba při připojování k Internetu 8:30:15 - Nelze kontaktovat
server..
Error - 3.3.2012 4:30:22 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:30:22 - Chyba při připojování k Internetu 9:30:22 - Nelze kontaktovat
server..
Error - 3.3.2012 4:30:29 | Computer Name = kraki-PC | Source = MCUpdate | ID = 0
Description = 9:30:28 - Chyba při připojování k Internetu 9:30:28 - Nelze kontaktovat
server..
[ System Events ]
Error - 29.5.2012 3:04:19 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 3:05:05 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 3:06:28 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 3:06:55 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 7:01:19 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 7:01:46 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 29.5.2012 14:06:50 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 14:06:58 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 14:21:28 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 29.5.2012 14:32:13 | Computer Name = kraki-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%2
< End of report >
Re: Prosím o kontrolu
1.část
OTL logfile created on: 28.8.2012 21:09:42 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\kraki\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,70% Memory free
8,00 Gb Paging File | 6,32 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 13,22 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 12,29 Gb Free Space | 31,46% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 30,17 Gb Free Space | 20,24% Space Free | Partition Type: NTFS
Drive F: | 426,70 Gb Total Space | 178,10 Gb Free Space | 41,74% Space Free | Partition Type: NTFS
Drive G: | 74,52 Gb Total Space | 42,89 Gb Free Space | 57,55% Space Free | Partition Type: NTFS
Computer Name: KRAKI-PC | User Name: kraki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.08.28 21:08:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\kraki\Desktop\OTL.exe
PRC - [2012.08.02 19:32:59 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.07.01 22:25:56 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.06.06 10:49:34 | 000,880,528 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.01.12 13:35:12 | 007,320,528 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe
PRC - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files (x86)\QipGuard\QipGuard.exe
PRC - [2011.12.26 14:27:16 | 000,943,211 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
PRC - [2011.12.12 16:53:22 | 000,052,952 | ---- | M] () -- C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
PRC - [2011.11.15 05:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011.10.25 18:54:46 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011.09.28 09:24:44 | 000,234,720 | ---- | M] () -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2007.03.12 14:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.12 13:35:34 | 000,956,880 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2012.01.12 13:35:32 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\pics.dll
MOD - [2012.01.12 13:35:30 | 001,641,424 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\mra.dll
MOD - [2012.01.12 13:35:26 | 002,523,600 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\inficq.dll
MOD - [2012.01.12 13:35:22 | 000,824,784 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\qipradio\qipradio.dll
MOD - [2012.01.12 13:35:22 | 000,175,056 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\ogorod\ogorod.dll
MOD - [2012.01.12 13:35:22 | 000,140,240 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\cards\cards.dll
MOD - [2012.01.12 13:35:22 | 000,058,832 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Win7Helper\Win7Helper.dll
MOD - [2012.01.12 13:35:16 | 004,660,176 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
MOD - [2012.01.12 13:35:02 | 000,185,296 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\QipGuard\chrome.dll
MOD - [2011.12.26 14:27:16 | 000,943,211 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
MOD - [2011.12.12 16:53:22 | 000,052,952 | ---- | M] () -- C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
MOD - [2011.12.07 13:16:28 | 000,411,192 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011.12.07 13:16:27 | 003,767,864 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011.12.07 13:14:56 | 000,122,952 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011.12.07 13:14:55 | 000,222,280 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011.12.07 13:14:53 | 001,746,504 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:64bit: - [2012.06.11 19:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.06.11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.02 19:32:59 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.01 22:25:56 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files (x86)\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2011.09.28 09:24:44 | 000,234,720 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService)
SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.08.22 20:18:16 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2012.06.11 20:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.06.11 18:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.24 15:21:30 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.15 05:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.11.01 10:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.11.01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.11.01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.11.01 10:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011.05.13 16:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 04:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 03:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.30 13:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.17 20:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.05.01 16:38:26 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiHFFB5.sys -- (SaiHFFB5)
DRV:64bit: - [2007.05.01 16:38:26 | 000,020,608 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiIFFB5.sys -- (SaiIFFB5)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{CE62E70A-2D06-45E2-A185-C57EAD17C52A}: "URL" = http://websearch.ask.com/redirect?clien ... 75363B0B3E
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\kraki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\kraki\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\kraki\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
[2012.06.17 19:30:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kraki\AppData\Roaming\Mozilla\Extensions
[2012.06.25 19:16:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kraki\AppData\Roaming\Mozilla\Firefox\Profiles\fctw3hft.default\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://eu.ask.com/?l=dis&o=14672
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.14.1.0_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = F:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\kraki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: Gmail = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartSoft PDF Printer Agent] C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe ()
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [Headup Games] C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe ()
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [QIP Internet Guardian] C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe (QIP.ru)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012.07.29 17:56:12 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.2.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88EEAABE-CFF2-4418-B76F-70F5EF21BA88}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\Shell - "" = AutoRun
O33 - MountPoints2\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\Shell\AutoRun\command - "" = M:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
O33 - MountPoints2\{d8c955c4-4554-11e1-9f72-6cf049799684}\Shell - "" = AutoRun
O33 - MountPoints2\{d8c955c4-4554-11e1-9f72-6cf049799684}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\dvdcheck.exe
O33 - MountPoints2\K\Shell\directx\command - "" = DirectX9\dxsetup.exe
O33 - MountPoints2\K\Shell\setup\command - "" = K:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.CFHD - C:\Windows\SysWow64\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.08.28 21:08:24 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\kraki\Desktop\OTL.exe
[2012.08.28 18:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012.08.28 18:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.08.28 16:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.27 18:06:54 | 000,000,000 | ---D | C] -- C:\Users\kraki\Desktop\Foto_releovy_domek_320
[2012.08.25 22:09:36 | 000,000,000 | ---D | C] -- C:\Users\kraki\AppData\Roaming\Minecraft server
[2012.08.25 20:16:29 | 000,000,000 | ---D | C] -- C:\Users\kraki\AppData\Roaming\.minecraft
[2012.08.22 20:18:16 | 000,033,344 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012.08.22 20:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
========== Files - Modified Within 7 Days ==========
[2012.08.28 21:16:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.28 21:12:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.28 21:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.08.28 21:08:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\kraki\Desktop\OTL.exe
[2012.08.28 18:32:51 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 18:32:51 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 18:29:02 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012.08.28 18:25:33 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 18:25:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.28 18:25:12 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.28 15:25:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.08.26 00:25:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.25 23:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.25 20:16:31 | 000,000,952 | ---- | M] () -- C:\Users\kraki\Desktop\Start Minecraft Cracked.lnk
[2012.08.25 15:25:45 | 001,638,542 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.25 15:25:45 | 000,687,556 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.08.25 15:25:45 | 000,672,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.25 15:25:45 | 000,149,042 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.08.25 15:25:45 | 000,129,676 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.22 20:18:16 | 000,033,344 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012.08.22 20:18:16 | 000,000,981 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
========== Files Created - No Company Name ==========
[2012.08.28 21:12:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.28 18:29:02 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012.08.25 20:16:31 | 000,000,952 | ---- | C] () -- C:\Users\kraki\Desktop\Start Minecraft Cracked.lnk
[2012.08.22 20:18:16 | 000,000,981 | ---- | C] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
[2012.07.17 18:00:44 | 000,001,490 | ---- | C] () -- C:\Users\kraki\.recently-used.xbel
[2012.07.07 19:33:43 | 000,000,000 | ---- | C] () -- C:\Users\kraki\AppData\Roaming\FileOut.cns
[2012.07.07 19:33:43 | 000,000,000 | ---- | C] () -- C:\Users\kraki\AppData\Roaming\FileIn.cns
[2012.06.21 10:37:14 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.03.21 01:20:34 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012.03.13 14:47:46 | 000,098,304 | ---- | C] () -- C:\Users\kraki\fbchathistory.dat
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.03.05 20:54:20 | 000,000,635 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012.02.25 18:59:39 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2012.02.24 16:13:57 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.24 16:13:53 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.17 11:13:07 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2012.01.17 11:13:06 | 000,651,264 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2012.01.16 15:50:12 | 000,000,016 | ---- | C] () -- C:\Windows\encore_launcher.ini
[2012.01.01 21:29:58 | 000,684,622 | ---- | C] () -- C:\Windows\unins000.exe
[2012.01.01 21:29:58 | 000,044,336 | ---- | C] () -- C:\Windows\unins000.dat
[2011.12.20 01:56:17 | 001,616,828 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.19 01:15:31 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.12.07 22:58:32 | 000,000,008 | ---- | C] () -- C:\Windows\TT.INI
[2011.11.24 16:52:04 | 000,000,080 | ---- | C] () -- C:\Users\kraki\AppData\Local\X-Plane Installer.prf
[2011.11.24 16:26:53 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.dat
[2011.11.24 14:54:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.24 14:20:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.11.24 14:20:55 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.11.24 14:20:55 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.11.24 14:20:55 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.11.24 13:39:44 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.10.17 07:57:12 | 000,009,851 | ---- | C] () -- C:\Windows\SysWow64\mswkn-oce.dll
========== LOP Check ==========
[2012.08.25 20:19:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.minecraft
[2012.03.13 15:15:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.purple
[2012.06.16 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\4Media
[2012.08.19 13:16:12 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\DAEMON Tools Lite
[2012.06.15 19:08:51 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\esmska
[2012.05.13 21:11:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\eu.allodium.INFINITUM
[2012.07.05 22:10:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\GHISLER
[2012.07.17 18:00:45 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\gtk-2.0
[2011.12.30 17:06:31 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Headup Games
[2012.01.17 11:45:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Indigo Renderer
[2012.05.22 23:27:55 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InfraRecorder
[2012.05.16 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\IObit
[2012.04.15 12:52:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\JOSM
[2012.05.06 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Kalypso Media
[2012.04.30 09:12:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Leadertech
[2012.07.20 17:02:24 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\LEGO Company
[2012.06.01 19:43:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Milestone
[2012.08.25 22:09:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Minecraft server
[2012.05.30 20:29:32 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nokia
[2011.12.18 06:18:03 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nvu
[2012.04.28 09:53:05 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Opera
[2012.05.21 13:39:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PC Suite
[2011.12.20 17:03:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PDM
[2012.07.30 20:33:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Pro Cycling Manager 2012
[2011.12.07 22:16:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\ProtectDISC
[2012.03.09 15:38:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Publish Providers
[2011.12.07 22:06:49 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QIP
[2012.01.23 15:51:06 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QipGuard
[2012.06.17 11:35:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\RigNRoll_usa_ws
[2012.07.24 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-updater
[2012.07.24 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-zsync
[2012.07.18 19:30:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Smart PDF Creator Pro
[2012.05.10 23:05:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Sony
[2012.03.26 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Subversion
[2012.08.25 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TS3Client
[2012.05.16 18:55:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TuneUp Software
[2012.01.17 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Twilight
[2012.07.01 22:18:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Ubisoft
[2012.08.28 21:15:55 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\uTorrent
[2012.02.10 13:23:39 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\VitySoft
[2012.06.08 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Windows Live Writer
[2012.03.17 11:42:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Z-Software
[2012.01.18 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\zbusoft
[2012.08.26 00:25:00 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.28 15:25:00 | 000,000,982 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.07.28 18:46:33 | 000,032,522 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
OTL logfile created on: 28.8.2012 21:09:42 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\kraki\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,70% Memory free
8,00 Gb Paging File | 6,32 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 13,22 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 12,29 Gb Free Space | 31,46% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 30,17 Gb Free Space | 20,24% Space Free | Partition Type: NTFS
Drive F: | 426,70 Gb Total Space | 178,10 Gb Free Space | 41,74% Space Free | Partition Type: NTFS
Drive G: | 74,52 Gb Total Space | 42,89 Gb Free Space | 57,55% Space Free | Partition Type: NTFS
Computer Name: KRAKI-PC | User Name: kraki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.08.28 21:08:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\kraki\Desktop\OTL.exe
PRC - [2012.08.02 19:32:59 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.07.01 22:25:56 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.06.06 10:49:34 | 000,880,528 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.01.12 13:35:12 | 007,320,528 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe
PRC - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files (x86)\QipGuard\QipGuard.exe
PRC - [2011.12.26 14:27:16 | 000,943,211 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
PRC - [2011.12.12 16:53:22 | 000,052,952 | ---- | M] () -- C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
PRC - [2011.11.15 05:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011.10.25 18:54:46 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011.09.28 09:24:44 | 000,234,720 | ---- | M] () -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2007.03.12 14:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.12 13:35:34 | 000,956,880 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2012.01.12 13:35:32 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\pics.dll
MOD - [2012.01.12 13:35:30 | 001,641,424 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\mra.dll
MOD - [2012.01.12 13:35:26 | 002,523,600 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\inficq.dll
MOD - [2012.01.12 13:35:22 | 000,824,784 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\qipradio\qipradio.dll
MOD - [2012.01.12 13:35:22 | 000,175,056 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\ogorod\ogorod.dll
MOD - [2012.01.12 13:35:22 | 000,140,240 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\cards\cards.dll
MOD - [2012.01.12 13:35:22 | 000,058,832 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Win7Helper\Win7Helper.dll
MOD - [2012.01.12 13:35:16 | 004,660,176 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
MOD - [2012.01.12 13:35:02 | 000,185,296 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\QipGuard\chrome.dll
MOD - [2011.12.26 14:27:16 | 000,943,211 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
MOD - [2011.12.12 16:53:22 | 000,052,952 | ---- | M] () -- C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
MOD - [2011.12.07 13:16:28 | 000,411,192 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011.12.07 13:16:27 | 003,767,864 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011.12.07 13:14:56 | 000,122,952 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011.12.07 13:14:55 | 000,222,280 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011.12.07 13:14:53 | 001,746,504 | ---- | M] () -- C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:64bit: - [2012.06.11 19:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.06.11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.02 19:32:59 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.01 22:25:56 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files (x86)\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2011.09.28 09:24:44 | 000,234,720 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService)
SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.08.22 20:18:16 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2012.06.11 20:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.06.11 18:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.24 15:21:30 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.15 05:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.11.01 10:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.11.01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.11.01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.11.01 10:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011.05.13 16:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 04:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 03:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.30 13:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.17 20:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.05.01 16:38:26 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiHFFB5.sys -- (SaiHFFB5)
DRV:64bit: - [2007.05.01 16:38:26 | 000,020,608 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiIFFB5.sys -- (SaiIFFB5)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{CE62E70A-2D06-45E2-A185-C57EAD17C52A}: "URL" = http://websearch.ask.com/redirect?clien ... 75363B0B3E
IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\kraki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\kraki\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\kraki\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
[2012.06.17 19:30:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kraki\AppData\Roaming\Mozilla\Extensions
[2012.06.25 19:16:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kraki\AppData\Roaming\Mozilla\Firefox\Profiles\fctw3hft.default\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://eu.ask.com/?l=dis&o=14672
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.14.1.0_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = F:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\kraki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: Gmail = C:\Users\kraki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartSoft PDF Printer Agent] C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe ()
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [Headup Games] C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe ()
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [QIP Internet Guardian] C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe (QIP.ru)
O4 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012.07.29 17:56:12 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.2.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88EEAABE-CFF2-4418-B76F-70F5EF21BA88}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\Shell - "" = AutoRun
O33 - MountPoints2\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\Shell\AutoRun\command - "" = M:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
O33 - MountPoints2\{d8c955c4-4554-11e1-9f72-6cf049799684}\Shell - "" = AutoRun
O33 - MountPoints2\{d8c955c4-4554-11e1-9f72-6cf049799684}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\dvdcheck.exe
O33 - MountPoints2\K\Shell\directx\command - "" = DirectX9\dxsetup.exe
O33 - MountPoints2\K\Shell\setup\command - "" = K:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.CFHD - C:\Windows\SysWow64\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.08.28 21:08:24 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\kraki\Desktop\OTL.exe
[2012.08.28 18:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012.08.28 18:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.08.28 16:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.27 18:06:54 | 000,000,000 | ---D | C] -- C:\Users\kraki\Desktop\Foto_releovy_domek_320
[2012.08.25 22:09:36 | 000,000,000 | ---D | C] -- C:\Users\kraki\AppData\Roaming\Minecraft server
[2012.08.25 20:16:29 | 000,000,000 | ---D | C] -- C:\Users\kraki\AppData\Roaming\.minecraft
[2012.08.22 20:18:16 | 000,033,344 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012.08.22 20:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
========== Files - Modified Within 7 Days ==========
[2012.08.28 21:16:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.28 21:12:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.28 21:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.08.28 21:08:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\kraki\Desktop\OTL.exe
[2012.08.28 18:32:51 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 18:32:51 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.28 18:29:02 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012.08.28 18:25:33 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 18:25:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.28 18:25:12 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.28 15:25:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.08.26 00:25:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.25 23:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.25 20:16:31 | 000,000,952 | ---- | M] () -- C:\Users\kraki\Desktop\Start Minecraft Cracked.lnk
[2012.08.25 15:25:45 | 001,638,542 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.25 15:25:45 | 000,687,556 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.08.25 15:25:45 | 000,672,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.25 15:25:45 | 000,149,042 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.08.25 15:25:45 | 000,129,676 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.22 20:18:16 | 000,033,344 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2012.08.22 20:18:16 | 000,000,981 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
========== Files Created - No Company Name ==========
[2012.08.28 21:12:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.28 18:29:02 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012.08.25 20:16:31 | 000,000,952 | ---- | C] () -- C:\Users\kraki\Desktop\Start Minecraft Cracked.lnk
[2012.08.22 20:18:16 | 000,000,981 | ---- | C] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
[2012.07.17 18:00:44 | 000,001,490 | ---- | C] () -- C:\Users\kraki\.recently-used.xbel
[2012.07.07 19:33:43 | 000,000,000 | ---- | C] () -- C:\Users\kraki\AppData\Roaming\FileOut.cns
[2012.07.07 19:33:43 | 000,000,000 | ---- | C] () -- C:\Users\kraki\AppData\Roaming\FileIn.cns
[2012.06.21 10:37:14 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.03.21 01:20:34 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012.03.13 14:47:46 | 000,098,304 | ---- | C] () -- C:\Users\kraki\fbchathistory.dat
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.03.05 20:54:20 | 000,000,635 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012.02.25 18:59:39 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2012.02.24 16:13:57 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.24 16:13:53 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.17 11:13:07 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2012.01.17 11:13:06 | 000,651,264 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2012.01.16 15:50:12 | 000,000,016 | ---- | C] () -- C:\Windows\encore_launcher.ini
[2012.01.01 21:29:58 | 000,684,622 | ---- | C] () -- C:\Windows\unins000.exe
[2012.01.01 21:29:58 | 000,044,336 | ---- | C] () -- C:\Windows\unins000.dat
[2011.12.20 01:56:17 | 001,616,828 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.19 01:15:31 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.12.07 22:58:32 | 000,000,008 | ---- | C] () -- C:\Windows\TT.INI
[2011.11.24 16:52:04 | 000,000,080 | ---- | C] () -- C:\Users\kraki\AppData\Local\X-Plane Installer.prf
[2011.11.24 16:26:53 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.dat
[2011.11.24 14:54:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.24 14:20:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.11.24 14:20:55 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.11.24 14:20:55 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.11.24 14:20:55 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.11.24 13:39:44 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.10.17 07:57:12 | 000,009,851 | ---- | C] () -- C:\Windows\SysWow64\mswkn-oce.dll
========== LOP Check ==========
[2012.08.25 20:19:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.minecraft
[2012.03.13 15:15:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.purple
[2012.06.16 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\4Media
[2012.08.19 13:16:12 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\DAEMON Tools Lite
[2012.06.15 19:08:51 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\esmska
[2012.05.13 21:11:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\eu.allodium.INFINITUM
[2012.07.05 22:10:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\GHISLER
[2012.07.17 18:00:45 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\gtk-2.0
[2011.12.30 17:06:31 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Headup Games
[2012.01.17 11:45:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Indigo Renderer
[2012.05.22 23:27:55 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InfraRecorder
[2012.05.16 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\IObit
[2012.04.15 12:52:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\JOSM
[2012.05.06 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Kalypso Media
[2012.04.30 09:12:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Leadertech
[2012.07.20 17:02:24 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\LEGO Company
[2012.06.01 19:43:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Milestone
[2012.08.25 22:09:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Minecraft server
[2012.05.30 20:29:32 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nokia
[2011.12.18 06:18:03 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nvu
[2012.04.28 09:53:05 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Opera
[2012.05.21 13:39:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PC Suite
[2011.12.20 17:03:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PDM
[2012.07.30 20:33:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Pro Cycling Manager 2012
[2011.12.07 22:16:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\ProtectDISC
[2012.03.09 15:38:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Publish Providers
[2011.12.07 22:06:49 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QIP
[2012.01.23 15:51:06 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QipGuard
[2012.06.17 11:35:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\RigNRoll_usa_ws
[2012.07.24 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-updater
[2012.07.24 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-zsync
[2012.07.18 19:30:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Smart PDF Creator Pro
[2012.05.10 23:05:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Sony
[2012.03.26 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Subversion
[2012.08.25 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TS3Client
[2012.05.16 18:55:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TuneUp Software
[2012.01.17 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Twilight
[2012.07.01 22:18:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Ubisoft
[2012.08.28 21:15:55 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\uTorrent
[2012.02.10 13:23:39 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\VitySoft
[2012.06.08 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Windows Live Writer
[2012.03.17 11:42:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Z-Software
[2012.01.18 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\zbusoft
[2012.08.26 00:25:00 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.28 15:25:00 | 000,000,982 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.07.28 18:46:33 | 000,032,522 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
Re: Prosím o kontrolu
2.část
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 05:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 06:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 06:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.25 20:19:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.minecraft
[2012.03.13 15:15:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.purple
[2012.06.16 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\4Media
[2012.03.16 18:19:57 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Adobe
[2011.12.04 20:25:49 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Ahead
[2011.11.24 14:55:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\ATI
[2012.08.19 13:16:12 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\DAEMON Tools Lite
[2012.02.26 02:23:35 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\dvdcss
[2012.06.15 19:08:51 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\esmska
[2012.05.13 21:11:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\eu.allodium.INFINITUM
[2012.07.05 22:10:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\GHISLER
[2012.01.17 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Google
[2012.07.17 18:00:45 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\gtk-2.0
[2012.08.28 18:25:59 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Hamachi
[2011.12.30 17:06:31 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Headup Games
[2011.11.24 13:27:38 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Identities
[2012.01.17 11:45:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Indigo Renderer
[2012.05.22 23:27:55 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InfraRecorder
[2012.02.19 21:33:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InstallShield
[2012.05.15 11:59:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InstallShield Installation Information
[2012.05.16 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\IObit
[2012.04.15 12:52:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\JOSM
[2012.05.06 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Kalypso Media
[2012.04.30 09:12:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Leadertech
[2012.07.20 17:02:24 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\LEGO Company
[2011.11.24 13:50:57 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Media Center Programs
[2012.05.18 15:45:23 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Media Player Classic
[2012.04.01 19:20:17 | 000,000,000 | --SD | M] -- C:\Users\kraki\AppData\Roaming\Microsoft
[2012.06.01 19:43:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Milestone
[2012.08.25 22:09:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Minecraft server
[2012.07.05 22:09:57 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Mozilla
[2012.05.30 20:29:32 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nokia
[2011.12.18 06:18:03 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nvu
[2012.04.28 09:53:05 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Opera
[2012.05.21 13:39:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PC Suite
[2011.12.20 17:03:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PDM
[2012.07.30 20:33:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Pro Cycling Manager 2012
[2011.12.07 22:16:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\ProtectDISC
[2012.03.09 15:38:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Publish Providers
[2011.12.07 22:06:49 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QIP
[2012.01.23 15:51:06 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QipGuard
[2012.06.17 11:35:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\RigNRoll_usa_ws
[2012.07.23 20:08:36 | 000,000,000 | RH-D | M] -- C:\Users\kraki\AppData\Roaming\SecuROM
[2012.07.24 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-updater
[2012.07.24 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-zsync
[2012.08.28 21:04:43 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Skype
[2012.07.18 19:30:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Smart PDF Creator Pro
[2012.05.10 23:05:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Sony
[2012.03.26 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Subversion
[2012.08.25 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TS3Client
[2012.05.16 18:55:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TuneUp Software
[2012.01.17 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Twilight
[2012.07.01 22:18:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Ubisoft
[2012.08.28 21:18:40 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\uTorrent
[2012.02.10 13:23:39 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\VitySoft
[2012.02.17 01:47:45 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\vlc
[2012.08.13 19:37:07 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Winamp
[2012.06.08 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Windows Live Writer
[2011.11.28 02:19:39 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\WinRAR
[2012.03.02 23:56:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Xfire
[2012.03.17 11:42:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Z-Software
[2012.01.18 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\zbusoft
< %APPDATA%\*.exe /s >
[2010.10.21 03:00:02 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\kraki\AppData\Roaming\.minecraft\Minecraft Updater.exe
[2012.08.01 15:53:52 | 000,263,186 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\.minecraft\Minecraft.exe
[2012.08.25 20:16:31 | 000,300,563 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\.minecraft\Uninstall.exe
[2011.09.23 13:59:50 | 000,289,280 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\gameupd.exe
[2011.12.26 14:27:16 | 000,943,211 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
[2012.05.15 11:49:08 | 000,331,776 | ---- | M] (Epic Games ) -- C:\Users\kraki\AppData\Roaming\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe
[2012.03.21 21:39:27 | 000,010,134 | R--- | M] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Installer\{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}\ARPPRODUCTICON.exe
[2012.01.30 23:49:18 | 000,010,134 | R--- | M] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.08.26 00:25:00 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.28 15:25:00 | 000,000,982 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.08.28 18:25:33 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 21:16:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.25 23:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.28 21:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"QIP Internet Guardian" = C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe /p -- [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.06.06 10:49:34 | 000,880,528 | ---- | M] (BitTorrent, Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG)
"Headup Games" = C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe -- [2011.12.26 14:27:16 | 000,943,211 | ---- | M] ()
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"EPSON Stylus D92 Series" = C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBZE.EXE /FU "C:\Windows\TEMP\E_SE8BE.tmp" /EF "HKCU"
"Facebook Update" = "C:\Users\kraki\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012.07.12 00:20:17 | 000,138,096 | ---- | M] (Facebook Inc.)
"Google Update" = "C:\Users\kraki\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.11.24 13:48:42 | 000,136,176 | ---- | M] (Google Inc.)
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2012.03.26 11:24:58 | 001,516,600 | ---- | M] (Nokia)
"PCSpeedUp" = C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk -- [2011.12.07 22:58:46 | 000,002,216 | ---- | M] ()
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.06.05 15:23:04 | 017,344,176 | R--- | M] (Skype Technologies S.A.)
"Steam" = "F:\Program Files (x86)\Steam\steam.exe" -silent -- [2012.08.04 19:50:50 | 001,353,080 | ---- | M] (Valve Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 05:22:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.28 21:12:24 | 000,000,512 | ---- | M] () MD5=691518E105AE08554844146AA09C2D79 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[1 \Users\kraki\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp files -> \Users\kraki\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp -> ]
[2012.08.19 13:59:43 | 000,000,576 | ---- | M] () -- \Users\kraki\AppData\Roaming\Microsoft\Windows\Recent\Minecraft_Cracked_v1.3.2.lnk
[2012.08.25 20:16:31 | 000,000,944 | ---- | M] () -- \Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012.08.25 20:16:31 | 000,000,944 | ---- | M] () -- \Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Uninstall Minecraft Cracked.lnk
[2011.12.06 16:23:34 | 000,019,264 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Angry Birds - Christmas Edition - Seasons 2.0 HD - FULL + Key and Crack.torrent
[2011.11.25 13:40:35 | 000,010,616 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.rar.torrent
[2012.07.30 20:14:35 | 000,018,156 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\CRACK+KEY Tour de France 2012.rar.torrent
[2011.12.09 04:34:51 | 000,001,542 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\DCS Black Shark 2 2011 crack only-SKIDROW.rar.torrent
[2012.02.27 20:08:40 | 000,011,273 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.8.multi5.cracked.READ.NFO-THETA.torrent
[2012.02.27 20:08:26 | 000,017,203 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.9.update.cracked.READ.NFO-THETA.rar.torrent
[2012.02.10 15:07:19 | 000,000,921 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.1.torrent
[2011.12.17 19:54:35 | 000,000,921 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.torrent
[2012.07.22 13:58:18 | 000,020,911 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\GTA IV ALL PATCHES + CRACK + XLIVE DLL FIX.torrent
[2012.06.04 10:52:14 | 000,015,991 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Max.Payne.3.Special.Edition.CRACK.ONLY.Fixed-Full Link.rar.torrent
[2012.02.10 15:04:23 | 000,000,503 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\MFSX Crack.rar.torrent
[2012.04.15 14:22:40 | 000,019,279 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft Crack.rar.torrent
[2012.01.16 21:45:37 | 000,015,313 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.1.0.zip.torrent
[2012.03.08 23:58:00 | 000,015,681 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.3.zip.torrent
[2012.06.11 14:26:08 | 000,015,721 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.1.torrent
[2012.04.15 14:38:13 | 000,015,721 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.torrent
[2012.08.19 13:58:25 | 000,014,681 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.3.2.zip.torrent
[2011.12.27 12:28:05 | 000,016,539 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Serious Sam 3 new crack DLC_czech.7z.torrent
[2012.08.22 19:55:43 | 000,008,708 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Sleeping.Dogs.v1.4.Proper.Crack.Only.Fixed-3DM.rar.torrent
[2012.05.10 22:48:53 | 000,012,891 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\SONY VEGAS PRO 9 + PATCH & CRACK.zip.torrent
[2011.12.21 05:34:21 | 000,014,965 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Steam Cracked 12.17.11.exe.torrent
[2012.07.02 19:23:09 | 000,003,911 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Tom.Clancys.Ghost.Recon.Future.Soldier-SKIDROW.CRACK.ONLY.rar.torrent
[2012.01.17 10:46:04 | 000,001,689 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.1.torrent
[2012.01.17 10:38:17 | 000,001,689 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.torrent
[2012.01.17 10:48:20 | 000,001,568 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT.torrent
[2012.02.07 21:52:04 | 000,002,330 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Virtual DJ v7.0.2 PRO + Crack.torrent
[2012.08.25 20:16:31 | 000,000,952 | ---- | M] () -- \Users\kraki\Desktop\Start Minecraft Cracked.lnk
[2012.07.31 16:55:31 | 000,005,369 | ---- | M] () -- \Users\kraki\Desktop\freerapid\plugins\crackle.frp
[2012.08.19 13:56:44 | 000,191,486 | ---- | M] () -- \Windows\Prefetch\MINECRAFT CRACKED.EXE-4967A622.pf
< *keygen* /s >
[2009.08.10 00:07:56 | 000,204,800 | ---- | M] () -- \Program Files (x86)\Sony\Vegas Pro 9.0\Sony Keygen for 9.0a.exe
< *loader* /s >
[2010.03.09 05:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 02:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 02:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.03.12 14:48:46 | 000,177,712 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 07:55:36 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 05:22:34 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.TLB
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2008.10.23 14:37:54 | 000,000,118 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Plugins\IRender_loader.rb
[2008.03.10 10:23:06 | 000,007,339 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Plugins\IRender_loader_ar3_rb.sav
[2009.01.27 13:04:14 | 000,007,219 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Plugins\IRender_Nxt_loader.rb
[2008.11.13 10:38:28 | 000,004,176 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Resources\en-US\searching\ajax-loader.gif
[2008.11.13 10:39:18 | 000,000,500 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Tools\DynamicComponents\ruby\dcloader.rb
[2011.11.26 14:31:54 | 000,004,176 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Resources\en-US\searching\ajax-loader.gif
[2011.11.26 14:31:56 | 000,000,500 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\DynamicComponents\ruby\dcloader.rb
[2011.11.26 14:31:56 | 000,001,871 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\ShadowStringsFix\shadowstringsfix_loader.rb
[2011.11.26 14:31:56 | 000,003,949 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\SolarNorth\solarnorth_loader.rb
[2011.11.26 14:31:56 | 000,029,615 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\WebTextures\webtextures_loader.rb
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.10 16:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.01.18 23:13:46 | 000,001,038 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader 1.0.lnk
[2012.01.18 23:13:46 | 000,001,963 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader Documentation.lnk
[2012.01.18 23:13:46 | 000,001,911 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\Uninstall FLV Downloader 1.0.lnk
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.01.18 23:13:46 | 000,001,038 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader 1.0.lnk
[2012.01.18 23:13:46 | 000,001,963 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader Documentation.lnk
[2012.01.18 23:13:46 | 000,001,911 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\Uninstall FLV Downloader 1.0.lnk
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,061,770 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,061,770 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.08.28 18:53:01 | 000,000,753 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EPY3EBHJ\AdLoader[1].htm
[2012.08.28 18:53:01 | 000,105,903 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUQYA1UV\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.07.17 14:18:16 | 000,009,051 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 14:18:16 | 000,016,119 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 14:18:16 | 000,018,434 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 14:18:16 | 000,009,283 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 14:18:16 | 000,001,898 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.11.24 17:39:07 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.11.24 17:39:07 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.11.24 17:39:07 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.11.24 17:39:07 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.11.24 17:39:07 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B468194E
< End of report >
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 05:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 06:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 06:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.25 20:19:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.minecraft
[2012.03.13 15:15:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\.purple
[2012.06.16 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\4Media
[2012.03.16 18:19:57 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Adobe
[2011.12.04 20:25:49 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Ahead
[2011.11.24 14:55:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\ATI
[2012.08.19 13:16:12 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\DAEMON Tools Lite
[2012.02.26 02:23:35 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\dvdcss
[2012.06.15 19:08:51 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\esmska
[2012.05.13 21:11:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\eu.allodium.INFINITUM
[2012.07.05 22:10:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\GHISLER
[2012.01.17 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Google
[2012.07.17 18:00:45 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\gtk-2.0
[2012.08.28 18:25:59 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Hamachi
[2011.12.30 17:06:31 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Headup Games
[2011.11.24 13:27:38 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Identities
[2012.01.17 11:45:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Indigo Renderer
[2012.05.22 23:27:55 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InfraRecorder
[2012.02.19 21:33:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InstallShield
[2012.05.15 11:59:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\InstallShield Installation Information
[2012.05.16 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\IObit
[2012.04.15 12:52:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\JOSM
[2012.05.06 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Kalypso Media
[2012.04.30 09:12:26 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Leadertech
[2012.07.20 17:02:24 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\LEGO Company
[2011.11.24 13:50:57 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Media Center Programs
[2012.05.18 15:45:23 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Media Player Classic
[2012.04.01 19:20:17 | 000,000,000 | --SD | M] -- C:\Users\kraki\AppData\Roaming\Microsoft
[2012.06.01 19:43:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Milestone
[2012.08.25 22:09:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Minecraft server
[2012.07.05 22:09:57 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Mozilla
[2012.05.30 20:29:32 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nokia
[2011.12.18 06:18:03 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Nvu
[2012.04.28 09:53:05 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Opera
[2012.05.21 13:39:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PC Suite
[2011.12.20 17:03:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\PDM
[2012.07.30 20:33:18 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Pro Cycling Manager 2012
[2011.12.07 22:16:10 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\ProtectDISC
[2012.03.09 15:38:14 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Publish Providers
[2011.12.07 22:06:49 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QIP
[2012.01.23 15:51:06 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\QipGuard
[2012.06.17 11:35:37 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\RigNRoll_usa_ws
[2012.07.23 20:08:36 | 000,000,000 | RH-D | M] -- C:\Users\kraki\AppData\Roaming\SecuROM
[2012.07.24 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-updater
[2012.07.24 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\six-zsync
[2012.08.28 21:04:43 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Skype
[2012.07.18 19:30:11 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Smart PDF Creator Pro
[2012.05.10 23:05:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Sony
[2012.03.26 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Subversion
[2012.08.25 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TS3Client
[2012.05.16 18:55:04 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\TuneUp Software
[2012.01.17 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Twilight
[2012.07.01 22:18:36 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Ubisoft
[2012.08.28 21:18:40 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\uTorrent
[2012.02.10 13:23:39 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\VitySoft
[2012.02.17 01:47:45 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\vlc
[2012.08.13 19:37:07 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Winamp
[2012.06.08 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Windows Live Writer
[2011.11.28 02:19:39 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\WinRAR
[2012.03.02 23:56:13 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Xfire
[2012.03.17 11:42:29 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\Z-Software
[2012.01.18 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\zbusoft
< %APPDATA%\*.exe /s >
[2010.10.21 03:00:02 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\kraki\AppData\Roaming\.minecraft\Minecraft Updater.exe
[2012.08.01 15:53:52 | 000,263,186 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\.minecraft\Minecraft.exe
[2012.08.25 20:16:31 | 000,300,563 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\.minecraft\Uninstall.exe
[2011.09.23 13:59:50 | 000,289,280 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\gameupd.exe
[2011.12.26 14:27:16 | 000,943,211 | ---- | M] () -- C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe
[2012.05.15 11:49:08 | 000,331,776 | ---- | M] (Epic Games ) -- C:\Users\kraki\AppData\Roaming\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe
[2012.03.21 21:39:27 | 000,010,134 | R--- | M] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Installer\{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}\ARPPRODUCTICON.exe
[2012.01.30 23:49:18 | 000,010,134 | R--- | M] () -- C:\Users\kraki\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.08.26 00:25:00 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.28 15:25:00 | 000,000,982 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
[2012.08.28 18:25:33 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 21:16:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.25 23:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job
[2012.08.28 21:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"QIP Internet Guardian" = C:\Users\kraki\AppData\Roaming\QipGuard\QipGuard.exe /p -- [2012.01.12 13:35:04 | 000,191,440 | ---- | M] (QIP.ru)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.06.06 10:49:34 | 000,880,528 | ---- | M] (BitTorrent, Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG)
"Headup Games" = C:\Users\kraki\AppData\Roaming\Headup Games\upd.exe -- [2011.12.26 14:27:16 | 000,943,211 | ---- | M] ()
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"EPSON Stylus D92 Series" = C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBZE.EXE /FU "C:\Windows\TEMP\E_SE8BE.tmp" /EF "HKCU"
"Facebook Update" = "C:\Users\kraki\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012.07.12 00:20:17 | 000,138,096 | ---- | M] (Facebook Inc.)
"Google Update" = "C:\Users\kraki\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.11.24 13:48:42 | 000,136,176 | ---- | M] (Google Inc.)
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2012.03.26 11:24:58 | 001,516,600 | ---- | M] (Nokia)
"PCSpeedUp" = C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk -- [2011.12.07 22:58:46 | 000,002,216 | ---- | M] ()
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.06.05 15:23:04 | 017,344,176 | R--- | M] (Skype Technologies S.A.)
"Steam" = "F:\Program Files (x86)\Steam\steam.exe" -silent -- [2012.08.04 19:50:50 | 001,353,080 | ---- | M] (Valve Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 05:22:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.28 21:12:24 | 000,000,512 | ---- | M] () MD5=691518E105AE08554844146AA09C2D79 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[1 \Users\kraki\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp files -> \Users\kraki\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp -> ]
[2012.08.19 13:59:43 | 000,000,576 | ---- | M] () -- \Users\kraki\AppData\Roaming\Microsoft\Windows\Recent\Minecraft_Cracked_v1.3.2.lnk
[2012.08.25 20:16:31 | 000,000,944 | ---- | M] () -- \Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012.08.25 20:16:31 | 000,000,944 | ---- | M] () -- \Users\kraki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Uninstall Minecraft Cracked.lnk
[2011.12.06 16:23:34 | 000,019,264 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Angry Birds - Christmas Edition - Seasons 2.0 HD - FULL + Key and Crack.torrent
[2011.11.25 13:40:35 | 000,010,616 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.rar.torrent
[2012.07.30 20:14:35 | 000,018,156 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\CRACK+KEY Tour de France 2012.rar.torrent
[2011.12.09 04:34:51 | 000,001,542 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\DCS Black Shark 2 2011 crack only-SKIDROW.rar.torrent
[2012.02.27 20:08:40 | 000,011,273 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.8.multi5.cracked.READ.NFO-THETA.torrent
[2012.02.27 20:08:26 | 000,017,203 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.9.update.cracked.READ.NFO-THETA.rar.torrent
[2012.02.10 15:07:19 | 000,000,921 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.1.torrent
[2011.12.17 19:54:35 | 000,000,921 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.torrent
[2012.07.22 13:58:18 | 000,020,911 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\GTA IV ALL PATCHES + CRACK + XLIVE DLL FIX.torrent
[2012.06.04 10:52:14 | 000,015,991 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Max.Payne.3.Special.Edition.CRACK.ONLY.Fixed-Full Link.rar.torrent
[2012.02.10 15:04:23 | 000,000,503 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\MFSX Crack.rar.torrent
[2012.04.15 14:22:40 | 000,019,279 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft Crack.rar.torrent
[2012.01.16 21:45:37 | 000,015,313 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.1.0.zip.torrent
[2012.03.08 23:58:00 | 000,015,681 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.3.zip.torrent
[2012.06.11 14:26:08 | 000,015,721 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.1.torrent
[2012.04.15 14:38:13 | 000,015,721 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.torrent
[2012.08.19 13:58:25 | 000,014,681 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.3.2.zip.torrent
[2011.12.27 12:28:05 | 000,016,539 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Serious Sam 3 new crack DLC_czech.7z.torrent
[2012.08.22 19:55:43 | 000,008,708 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Sleeping.Dogs.v1.4.Proper.Crack.Only.Fixed-3DM.rar.torrent
[2012.05.10 22:48:53 | 000,012,891 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\SONY VEGAS PRO 9 + PATCH & CRACK.zip.torrent
[2011.12.21 05:34:21 | 000,014,965 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Steam Cracked 12.17.11.exe.torrent
[2012.07.02 19:23:09 | 000,003,911 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Tom.Clancys.Ghost.Recon.Future.Soldier-SKIDROW.CRACK.ONLY.rar.torrent
[2012.01.17 10:46:04 | 000,001,689 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.1.torrent
[2012.01.17 10:38:17 | 000,001,689 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.torrent
[2012.01.17 10:48:20 | 000,001,568 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT.torrent
[2012.02.07 21:52:04 | 000,002,330 | ---- | M] () -- \Users\kraki\AppData\Roaming\uTorrent\Virtual DJ v7.0.2 PRO + Crack.torrent
[2012.08.25 20:16:31 | 000,000,952 | ---- | M] () -- \Users\kraki\Desktop\Start Minecraft Cracked.lnk
[2012.07.31 16:55:31 | 000,005,369 | ---- | M] () -- \Users\kraki\Desktop\freerapid\plugins\crackle.frp
[2012.08.19 13:56:44 | 000,191,486 | ---- | M] () -- \Windows\Prefetch\MINECRAFT CRACKED.EXE-4967A622.pf
< *keygen* /s >
[2009.08.10 00:07:56 | 000,204,800 | ---- | M] () -- \Program Files (x86)\Sony\Vegas Pro 9.0\Sony Keygen for 9.0a.exe
< *loader* /s >
[2010.03.09 05:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 02:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 02:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.03.12 14:48:46 | 000,177,712 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 07:55:36 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 05:22:34 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.TLB
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2008.10.23 14:37:54 | 000,000,118 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Plugins\IRender_loader.rb
[2008.03.10 10:23:06 | 000,007,339 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Plugins\IRender_loader_ar3_rb.sav
[2009.01.27 13:04:14 | 000,007,219 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Plugins\IRender_Nxt_loader.rb
[2008.11.13 10:38:28 | 000,004,176 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Resources\en-US\searching\ajax-loader.gif
[2008.11.13 10:39:18 | 000,000,500 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 7\Tools\DynamicComponents\ruby\dcloader.rb
[2011.11.26 14:31:54 | 000,004,176 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Resources\en-US\searching\ajax-loader.gif
[2011.11.26 14:31:56 | 000,000,500 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\DynamicComponents\ruby\dcloader.rb
[2011.11.26 14:31:56 | 000,001,871 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\ShadowStringsFix\shadowstringsfix_loader.rb
[2011.11.26 14:31:56 | 000,003,949 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\SolarNorth\solarnorth_loader.rb
[2011.11.26 14:31:56 | 000,029,615 | ---- | M] () -- \Program Files (x86)\Google\Google SketchUp 8\Tools\WebTextures\webtextures_loader.rb
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.10 16:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.01.18 23:13:46 | 000,001,038 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader 1.0.lnk
[2012.01.18 23:13:46 | 000,001,963 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader Documentation.lnk
[2012.01.18 23:13:46 | 000,001,911 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\Uninstall FLV Downloader 1.0.lnk
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.01.18 23:13:46 | 000,001,038 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader 1.0.lnk
[2012.01.18 23:13:46 | 000,001,963 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\FLV Downloader Documentation.lnk
[2012.01.18 23:13:46 | 000,001,911 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\FLV Downloader 1.0\Uninstall FLV Downloader 1.0.lnk
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,057,728 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,061,770 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2011.11.24 15:23:15 | 000,061,770 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.08.28 18:53:01 | 000,000,753 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EPY3EBHJ\AdLoader[1].htm
[2012.08.28 18:53:01 | 000,105,903 | ---- | M] () -- \Users\kraki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUQYA1UV\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.07.17 14:18:16 | 000,009,051 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 14:18:16 | 000,016,119 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 14:18:16 | 000,018,434 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 14:18:16 | 000,009,283 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 14:18:16 | 000,001,898 | ---- | M] () -- \Users\kraki\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.11.24 17:39:07 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.11.24 17:39:07 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.11.24 17:39:07 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.11.24 17:39:07 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.11.24 17:39:07 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B468194E
< End of report >
Re: Prosím o kontrolu
Pak nemate mit PC zaliskane kdyz to krmite crackama&keygenama, tohle tu netolerujem Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - [2011.09.28 09:24:44 | 000,234,720 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService) IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data] IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE IE - HKU\S-1-5-21-3087240707-214970071-3093019081-1001\..\SearchScopes\{CE62E70A-2D06-45E2-A185-C57EAD17C52A}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=bfa51efc-aea0-42bd-956c-5a4a919d7334&apn_sauid=EDA04CCC-D3ED-4679-966B-6175363B0B3E CHR - homepage: http://eu.ask.com/?l=dis&o=14672 O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O33 - MountPoints2\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\Shell - "" = AutoRun O33 - MountPoints2\{d8c955c4-4554-11e1-9f72-6cf049799684}\Shell - "" = AutoRun O33 - MountPoints2\K\Shell - "" = AutoRun [2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] [9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] [2012.05.16 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\kraki\AppData\Roaming\IObit [2012.08.26 00:25:00 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job [2012.08.28 15:25:00 | 000,000,982 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job [2012.08.28 18:25:33 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.08.28 21:16:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012.08.25 23:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job [2012.08.28 21:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job @Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:8927A071 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B468194E :services QipGuard :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "QIP Internet Guardian"=- "uTorrent"=- "DAEMON Tools Lite"=- "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- "Headup Games"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"=- "SwitchBoard"=- "AMD AVT"=- "PWRISOVM.EXE"=- :files c:\Users\kraki\AppData\Roaming\uTorrent\*crack*.* C:\Program Files (x86)\Zrychleni Pocitace %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
All processes killed
========== OTL ==========
Service PCSUService stopped successfully!
Service PCSUService deleted successfully!
C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CE62E70A-2D06-45E2-A185-C57EAD17C52A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE62E70A-2D06-45E2-A185-C57EAD17C52A}\ not found.
Use Chrome's Settings page to change the HomePage.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8c955c4-4554-11e1-9f72-6cf049799684}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d8c955c4-4554-11e1-9f72-6cf049799684}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP734B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP22DB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP50B4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5550.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5568.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBC5C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC51B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC71.tmp folder deleted successfully.
C:\Windows\Installer\MSI365.tmp deleted successfully.
C:\Windows\Installer\MSI37E0.tmp deleted successfully.
C:\Windows\Installer\MSI3C10.tmp deleted successfully.
C:\Windows\Installer\MSI40D4.tmp deleted successfully.
C:\Windows\Installer\MSI57A4.tmp deleted successfully.
C:\Windows\Installer\MSI58AD.tmp deleted successfully.
C:\Windows\Installer\MSI5CF8.tmp deleted successfully.
C:\Windows\Installer\MSI6D55.tmp deleted successfully.
C:\Windows\Installer\MSIAECD.tmp deleted successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Disk Cleaner folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit folder moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job moved successfully.
ADS C:\ProgramData\TEMP:8927A071 deleted successfully.
ADS C:\ProgramData\TEMP:B468194E deleted successfully.
========== SERVICES/DRIVERS ==========
Service QipGuard stopped successfully!
Service QipGuard deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\QIP Internet Guardian deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Headup Games deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AMD AVT deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PWRISOVM.EXE deleted successfully.
========== FILES ==========
c:\Users\kraki\AppData\Roaming\uTorrent\Angry Birds - Christmas Edition - Seasons 2.0 HD - FULL + Key and Crack.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\CRACK+KEY Tour de France 2012.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\DCS Black Shark 2 2011 crack only-SKIDROW.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.8.multi5.cracked.READ.NFO-THETA.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.9.update.cracked.READ.NFO-THETA.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.1.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\GTA IV ALL PATCHES + CRACK + XLIVE DLL FIX.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Max.Payne.3.Special.Edition.CRACK.ONLY.Fixed-Full Link.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\MFSX Crack.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft Crack.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.1.0.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.3.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.1.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.3.2.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Serious Sam 3 new crack DLC_czech.7z.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Sleeping.Dogs.v1.4.Proper.Crack.Only.Fixed-3DM.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\SONY VEGAS PRO 9 + PATCH & CRACK.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Steam Cracked 12.17.11.exe.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Tom.Clancys.Ghost.Recon.Future.Soldier-SKIDROW.CRACK.ONLY.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.1.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Virtual DJ v7.0.2 PRO + Crack.torrent moved successfully.
C:\Program Files (x86)\Zrychleni Pocitace folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: kraki
->Temp folder emptied: 12810790 bytes
->Temporary Internet Files folder emptied: 1814946 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 233208235 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2422 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9120 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 236,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: kraki
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: kraki
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.59.1 log created on 08292012_185858
Files\Folders moved on Reboot...
C:\Users\kraki\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
Service PCSUService stopped successfully!
Service PCSUService deleted successfully!
C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3087240707-214970071-3093019081-1001\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-3087240707-214970071-3093019081-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CE62E70A-2D06-45E2-A185-C57EAD17C52A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE62E70A-2D06-45E2-A185-C57EAD17C52A}\ not found.
Use Chrome's Settings page to change the HomePage.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Users\kraki\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55ce5fbe-935c-11e1-bb8c-6cf049799684}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8c955c4-4554-11e1-9f72-6cf049799684}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d8c955c4-4554-11e1-9f72-6cf049799684}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP734B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP22DB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP50B4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5550.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5568.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBC5C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC51B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC71.tmp folder deleted successfully.
C:\Windows\Installer\MSI365.tmp deleted successfully.
C:\Windows\Installer\MSI37E0.tmp deleted successfully.
C:\Windows\Installer\MSI3C10.tmp deleted successfully.
C:\Windows\Installer\MSI40D4.tmp deleted successfully.
C:\Windows\Installer\MSI57A4.tmp deleted successfully.
C:\Windows\Installer\MSI58AD.tmp deleted successfully.
C:\Windows\Installer\MSI5CF8.tmp deleted successfully.
C:\Windows\Installer\MSI6D55.tmp deleted successfully.
C:\Windows\Installer\MSIAECD.tmp deleted successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Disk Cleaner folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\kraki\AppData\Roaming\IObit folder moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3087240707-214970071-3093019081-1001UA.job moved successfully.
ADS C:\ProgramData\TEMP:8927A071 deleted successfully.
ADS C:\ProgramData\TEMP:B468194E deleted successfully.
========== SERVICES/DRIVERS ==========
Service QipGuard stopped successfully!
Service QipGuard deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\QIP Internet Guardian deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Headup Games deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AMD AVT deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PWRISOVM.EXE deleted successfully.
========== FILES ==========
c:\Users\kraki\AppData\Roaming\uTorrent\Angry Birds - Christmas Edition - Seasons 2.0 HD - FULL + Key and Crack.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\CRACK+KEY Tour de France 2012.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\DCS Black Shark 2 2011 crack only-SKIDROW.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.8.multi5.cracked.READ.NFO-THETA.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Depth.Hunter.v1.9.update.cracked.READ.NFO-THETA.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.1.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Fsx Sp2 Crack .rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\GTA IV ALL PATCHES + CRACK + XLIVE DLL FIX.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Max.Payne.3.Special.Edition.CRACK.ONLY.Fixed-Full Link.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\MFSX Crack.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft Crack.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.1.0.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.3.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.1.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.5.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.3.2.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Serious Sam 3 new crack DLC_czech.7z.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Sleeping.Dogs.v1.4.Proper.Crack.Only.Fixed-3DM.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\SONY VEGAS PRO 9 + PATCH & CRACK.zip.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Steam Cracked 12.17.11.exe.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Tom.Clancys.Ghost.Recon.Future.Soldier-SKIDROW.CRACK.ONLY.rar.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.1.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT { www.torrentkit.com }.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Twilight.Render.for.Google.SketchUp.v1.1.2.Cracked-RedT.torrent moved successfully.
c:\Users\kraki\AppData\Roaming\uTorrent\Virtual DJ v7.0.2 PRO + Crack.torrent moved successfully.
C:\Program Files (x86)\Zrychleni Pocitace folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: kraki
->Temp folder emptied: 12810790 bytes
->Temporary Internet Files folder emptied: 1814946 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 233208235 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2422 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9120 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 236,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: kraki
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: kraki
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.59.1 log created on 08292012_185858
Files\Folders moved on Reboot...
C:\Users\kraki\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Zdravím, Pc je stabilní a ok. On nebyl problém ani předtím, proto preventivní kontrola 
Je ještě potřeba udělat nějaký scan či podobně ?
Jestli je vše hotovo, děkuji moc za spolupráci
Je ještě potřeba udělat nějaký scan či podobně ?Jestli je vše hotovo, děkuji moc za spolupráci
Re: Prosím o kontrolu
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
A na zaklade Pravidla o zamykani temat 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?