
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
Requesting a preventive log check :)
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Requesting a preventive log check :)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Hula at 2012-09-30 19:54:56
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 56 GB (56%) free of 100 GB
Total RAM: 4030 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:02, on 30.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Last.fm\LastFM.exe
C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Opera Next\opera.exe
C:\Program Files (x86)\Opera Next\pluginwrapper\opera_plugin_wrapper.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files\trend micro\Hula.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?affID=17 ... ftt_3612_3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Hula\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9995 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 38593648
\??\C:\Windows\system32\conhost.exe "-1523109032-21264106135693765643528936101914267668-154006032122893654-932537166
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {8186BFF1-D87D-48FA-88FC-89F0EE89246A}
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe"
"C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><ProgressBar><Percentage>90</Percentage><LeftIconPath>C:\Users\Hula\AppData\Local\Temp\BrightnessDown.ico</LeftIconPath><RightIconPath>C:\Users\Hula\AppData\Local\Temp\BrightnessUp.ico</RightIconPath></ProgressBar></hpNotification>"
"C:\Program Files (x86)\Last.fm\LastFM.exe" --tray
"C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Opera Next\opera.exe"
"C:\Program Files (x86)\Opera Next\pluginwrapper\opera_plugin_wrapper.exe" -newprocess "3092 2 0 1 3" -logfolder "C:\Users\Hula\AppData\Local\Opera\Opera Next\logs"
"C:\Program Files (x86)\Winamp\winamp.exe" -Embedding
"D:\Programy_nove\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll [2012-08-23 264192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-04 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-20 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-04 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll [2012-08-23 288256]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-26 418840]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-20 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-20 379552]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Google Update"=C:\Users\Hula\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-18 116648]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-27 336384]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-13 318520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2011-07-12 1764352]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-09-30 19:54:57 ----D---- C:\Program Files\trend micro
2012-09-30 19:54:56 ----D---- C:\rsit
2012-09-30 19:09:33 ----SHD---- C:\ProgramData\SecuROM
2012-09-30 18:49:45 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-09-30 18:49:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-09-30 18:49:45 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-09-30 18:49:45 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-09-30 18:49:44 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-09-30 18:49:44 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-09-30 18:47:53 ----D---- C:\Windows\SYSWOW64\AGEIA
2012-09-30 18:47:53 ----D---- C:\Program Files (x86)\AGEIA Technologies
2012-09-29 13:21:36 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-09-29 13:20:40 ----D---- C:\Windows\Sun
2012-09-28 19:15:33 ----D---- C:\ProgramData\IObit
2012-09-28 19:15:33 ----D---- C:\Program Files (x86)\IObit
2012-09-28 17:10:41 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-09-28 16:59:45 ----D---- C:\Program Files (x86)\2K Games
2012-09-27 11:35:22 ----D---- C:\ProgramData\iRinger
2012-09-26 03:05:51 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-25 10:41:19 ----D---- C:\Program Files (x86)\TuxGuitar
2012-09-24 23:08:01 ----D---- C:\_serialy
2012-09-24 20:54:41 ----A---- C:\Windows\IsUninst.exe
2012-09-24 17:58:27 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-09-24 17:53:48 ----D---- C:\Users\Hula\AppData\Roaming\Hamachi
2012-09-24 13:24:48 ----A---- C:\Windows\SYSWOW64\Access.dat
2012-09-24 13:23:41 ----D---- C:\Users\Hula\AppData\Roaming\Tunngle
2012-09-24 13:23:41 ----D---- C:\ProgramData\Tunngle
2012-09-24 13:23:40 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2012-09-24 13:23:35 ----D---- C:\Program Files (x86)\Tunngle
2012-09-24 12:59:58 ----D---- C:\Users\Hula\AppData\Roaming\Skype
2012-09-24 12:59:48 ----RD---- C:\Program Files (x86)\Skype
2012-09-24 12:59:43 ----D---- C:\ProgramData\Skype
2012-09-23 08:09:57 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-23 08:09:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-23 08:09:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-23 08:09:55 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-23 08:09:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-23 08:09:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-23 08:09:55 ----A---- C:\Windows\system32\url.dll
2012-09-23 08:09:55 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-23 08:09:55 ----A---- C:\Windows\system32\ieui.dll
2012-09-23 08:09:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-23 08:09:54 ----A---- C:\Windows\system32\urlmon.dll
2012-09-23 08:09:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-23 08:09:53 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-23 08:09:53 ----A---- C:\Windows\system32\jscript9.dll
2012-09-23 08:09:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-23 08:09:52 ----A---- C:\Windows\system32\wininet.dll
2012-09-23 08:09:52 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-23 08:09:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-23 08:09:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-23 08:09:51 ----A---- C:\Windows\system32\vbscript.dll
2012-09-23 08:09:51 ----A---- C:\Windows\system32\jscript.dll
2012-09-23 08:09:51 ----A---- C:\Windows\system32\iertutil.dll
2012-09-23 08:09:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-23 08:09:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-23 08:09:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-23 08:09:48 ----A---- C:\Windows\system32\mshtml.dll
2012-09-23 08:09:47 ----A---- C:\Windows\system32\ieframe.dll
2012-09-23 08:09:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-21 14:38:05 ----D---- C:\Program Files (x86)\WinHTTrack
2012-09-20 08:12:56 ----A---- C:\Windows\AviSplitter.INI
2012-09-19 11:34:44 ----D---- C:\Users\Hula\AppData\Roaming\Hothead Games
2012-09-19 11:33:46 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-09-19 11:33:46 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-09-19 11:33:46 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-09-19 11:33:46 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-09-19 11:33:46 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-09-19 11:33:46 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-09-19 11:33:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-09-19 11:33:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-09-19 11:33:44 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-09-19 11:33:44 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-09-19 11:33:42 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-09-19 11:33:42 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-09-19 11:33:41 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-09-19 11:33:41 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-09-19 11:33:41 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-09-19 11:33:41 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-09-19 11:33:40 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-09-19 11:33:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-09-19 11:33:40 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-09-19 11:33:40 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-09-19 11:33:39 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-09-19 11:33:39 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-09-19 11:33:39 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-09-19 11:33:39 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-09-19 11:33:38 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-09-19 11:33:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-09-19 11:33:38 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-09-19 11:33:38 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-09-19 11:33:37 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-09-19 11:33:37 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-09-19 11:33:36 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-09-19 11:33:36 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-09-19 11:33:36 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-09-19 11:33:35 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-09-19 11:33:34 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-09-19 11:33:34 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-09-19 11:33:34 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-09-19 11:33:34 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-09-19 11:33:34 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-09-19 11:33:34 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-09-19 11:33:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-09-19 11:33:33 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-09-19 11:33:31 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-09-19 11:33:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-09-19 11:33:31 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-09-19 11:33:31 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-09-19 11:33:30 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-09-19 11:33:30 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-09-19 11:33:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-09-19 11:33:30 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-09-19 11:33:30 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-09-19 11:33:30 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-09-19 11:33:29 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-09-19 11:33:29 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-09-19 11:33:29 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-09-19 11:33:29 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-09-19 11:33:28 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-09-19 11:33:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-09-19 11:33:28 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-09-19 11:33:28 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-09-19 11:33:27 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-09-19 11:33:27 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-09-19 11:33:27 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-09-19 11:33:27 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-09-19 11:33:27 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-09-19 11:33:27 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-09-19 11:33:26 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-09-19 11:33:26 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-09-19 11:33:26 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-09-19 11:33:26 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-09-19 11:33:25 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-09-19 11:33:25 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-09-19 11:33:25 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-09-19 11:33:25 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-09-19 11:33:24 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-09-19 11:33:24 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-09-19 11:33:23 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-09-19 11:33:23 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-09-19 11:33:23 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-09-19 11:33:23 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-09-19 11:33:22 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-09-19 11:33:22 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-09-19 11:33:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-09-19 11:33:22 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-09-19 11:33:22 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-09-19 11:33:22 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-09-19 11:33:21 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-09-19 11:33:21 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-09-19 11:33:20 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-09-19 11:33:20 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-09-19 11:33:19 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-09-19 11:33:18 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-09-19 11:33:18 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-09-19 11:33:17 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-09-19 11:33:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-09-19 11:33:17 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-09-19 11:33:17 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-09-19 11:33:16 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-09-19 11:33:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-09-19 11:33:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-09-19 11:33:16 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-09-19 11:33:16 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-09-19 11:33:16 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-09-19 11:33:15 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-09-19 11:33:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-09-19 11:33:15 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-09-19 11:33:15 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-09-19 11:33:14 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-09-19 11:33:14 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-09-19 11:33:14 ----A---- C:\Windows\system32\xinput1_3.dll
2012-09-19 11:33:14 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-09-19 11:33:13 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-09-19 11:33:13 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-09-19 11:33:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-09-19 11:33:13 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-09-19 11:33:13 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-09-19 11:33:13 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-09-19 11:33:12 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-09-19 11:33:12 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-09-19 11:33:12 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-09-19 11:33:12 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-09-19 11:33:11 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-09-19 11:33:11 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-09-19 11:33:10 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-09-19 11:33:10 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-09-19 11:33:10 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-09-19 11:33:10 ----A---- C:\Windows\system32\d3dx10.dll
2012-09-19 11:33:09 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-09-19 11:33:09 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-09-19 11:33:09 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-09-19 11:33:09 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-09-19 11:33:09 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-09-19 11:33:08 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-09-19 11:33:08 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-09-19 11:33:08 ----A---- C:\Windows\system32\xinput1_2.dll
2012-09-19 11:33:08 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-09-19 11:33:07 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-09-19 11:33:07 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-09-19 11:33:06 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-09-19 11:33:06 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-09-19 11:33:06 ----A---- C:\Windows\system32\xinput1_1.dll
2012-09-19 11:33:06 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-09-19 11:33:04 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-09-19 11:33:04 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-09-19 11:33:02 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-09-19 11:33:02 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-09-19 11:33:01 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-09-19 11:33:01 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-09-19 11:33:00 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-09-19 11:33:00 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-09-19 11:33:00 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-09-19 11:33:00 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-09-19 11:32:59 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-09-19 11:32:59 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-09-19 11:32:58 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-09-19 11:32:58 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-09-19 11:28:47 ----D---- C:\Windows\SYSWOW64\directx
2012-09-16 09:32:28 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-09-16 01:21:37 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-09-12 06:16:53 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-12 06:16:53 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-12 06:16:52 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-12 06:16:51 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-12 06:16:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-12 06:16:50 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-12 06:16:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 21:17:49 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-09-11 21:09:28 ----D---- C:\Program Files\Adobe
2012-09-11 21:09:05 ----D---- C:\Program Files\Common Files\Adobe
2012-09-07 23:23:20 ----D---- C:\Program Files\Babylon
2012-09-07 23:23:20 ----D---- C:\Program Files (x86)\Babylon
2012-09-07 23:23:03 ----A---- C:\user.js
2012-09-07 23:23:02 ----D---- C:\Program Files (x86)\BabylonToolbar
2012-09-07 23:22:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-07 20:01:25 ----D---- C:\Users\Hula\AppData\Roaming\WinRAR
2012-09-07 20:01:01 ----D---- C:\Program Files (x86)\WinRAR
2012-09-07 18:35:36 ----D---- C:\Users\Hula\AppData\Roaming\IsolatedStorage
2012-09-07 18:35:36 ----D---- C:\ProgramData\IsolatedStorage
2012-09-06 22:00:49 ----D---- C:\Program Files (x86)\Winamp Detect
2012-09-06 22:00:20 ----D---- C:\Users\Hula\AppData\Roaming\Winamp
2012-09-06 22:00:20 ----D---- C:\Program Files (x86)\Winamp
2012-09-04 21:02:32 ----D---- C:\ProgramData\Sun
2012-09-04 21:02:15 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-09-04 21:02:14 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-09-04 21:02:14 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-04 21:02:04 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-04 21:02:04 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-04 21:02:04 ----A---- C:\Windows\SYSWOW64\java.exe
2012-09-04 21:01:48 ----D---- C:\Program Files (x86)\Java
2012-09-03 12:55:11 ----D---- C:\Users\Hula\AppData\Roaming\OpenOffice.org
2012-08-31 11:10:00 ----D---- C:\Program Files (x86)\uTorrent
2012-08-31 11:09:04 ----D---- C:\Users\Hula\AppData\Roaming\uTorrent
======List of files/folders modified in the last 1 month======
2012-09-30 19:55:02 ----D---- C:\Windows\Prefetch
2012-09-30 19:54:57 ----RD---- C:\Program Files
2012-09-30 19:35:34 ----D---- C:\Windows\system32\config
2012-09-30 19:26:01 ----D---- C:\Windows\Temp
2012-09-30 19:13:40 ----D---- C:\Windows\system32\Tasks
2012-09-30 19:13:25 ----AD---- C:\ProgramData\TEMP
2012-09-30 19:09:49 ----SHD---- C:\Windows\Installer
2012-09-30 19:09:33 ----HD---- C:\ProgramData
2012-09-30 19:05:15 ----SHD---- C:\System Volume Information
2012-09-30 19:00:28 ----RSD---- C:\Windows\assembly
2012-09-30 18:59:28 ----D---- C:\Windows
2012-09-30 18:49:47 ----D---- C:\Windows\System32
2012-09-30 18:49:46 ----D---- C:\Windows\SysWOW64
2012-09-30 18:48:00 ----D---- C:\Windows\winsxs
2012-09-30 18:47:53 ----RD---- C:\Program Files (x86)
2012-09-30 18:47:46 ----D---- C:\Program Files (x86)\Common Files
2012-09-30 17:20:04 ----A---- C:\Windows\SYSWOW64\log.txt
2012-09-30 03:24:51 ----D---- C:\Windows\system32\catroot
2012-09-29 12:14:01 ----D---- C:\Users\Hula\AppData\Roaming\Auslogics
2012-09-29 10:28:24 ----D---- C:\Windows\Microsoft.NET
2012-09-29 10:22:15 ----D---- C:\Windows\inf
2012-09-29 10:22:15 ----D---- C:\Program Files\Microsoft Security Client
2012-09-29 10:22:02 ----D---- C:\Windows\system32\drivers
2012-09-29 10:21:59 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-09-28 17:17:13 ----D---- C:\Program Files (x86)\YourFileDownloader
2012-09-28 17:12:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-09-28 17:12:56 ----D---- C:\Windows\system32\cs-CZ
2012-09-28 17:11:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-28 17:10:42 ----D---- C:\Windows\SYSWOW64\en-US
2012-09-28 17:10:42 ----D---- C:\Windows\system32\en-US
2012-09-28 16:10:06 ----D---- C:\Windows\SoftwareDistribution
2012-09-28 06:21:36 ----D---- C:\Windows\system32\catroot2
2012-09-27 10:36:12 ----D---- C:\Windows\rescache
2012-09-26 00:35:53 ----D---- C:\Windows\debug
2012-09-25 21:35:03 ----D---- C:\Users\Hula\AppData\Roaming\KeePass
2012-09-24 13:23:57 ----D---- C:\Windows\system32\DriverStore
2012-09-24 13:23:40 ----RSD---- C:\Windows\Fonts
2012-09-23 11:15:17 ----D---- C:\Windows\SYSWOW64\migration
2012-09-23 11:15:17 ----D---- C:\Windows\system32\migration
2012-09-23 11:15:17 ----D---- C:\Program Files\Internet Explorer
2012-09-23 11:15:17 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-20 06:22:48 ----D---- C:\ProgramData\Adobe
2012-09-19 10:26:25 ----D---- C:\Users\Hula\AppData\Roaming\DAEMON Tools Lite
2012-09-16 22:58:03 ----D---- C:\Windows\system32\NDF
2012-09-16 13:20:23 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-09-12 22:44:39 ----D---- C:\Program Files (x86)\iTunes
2012-09-12 06:40:41 ----A---- C:\Windows\system32\MRT.exe
2012-09-11 21:18:45 ----D---- C:\Users\Hula\AppData\Roaming\Adobe
2012-09-11 21:09:54 ----D---- C:\Program Files (x86)\Adobe
2012-09-11 21:09:05 ----D---- C:\Program Files\Common Files
2012-09-10 16:23:40 ----D---- C:\Program Files (x86)\Last.fm
2012-08-31 00:06:39 ----SD---- C:\Users\Hula\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-16 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-27 9319424]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-27 303616]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-20 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-02-22 2736640]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-20 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-20 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-20 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-20 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-20 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-20 279200]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-05-13 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-03-25 12262336]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-08-24 349800]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-04-07 1826048]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-27 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-20 76448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-13 317496]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-08 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Run by Hula at 2012-09-30 19:54:56
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 56 GB (56%) free of 100 GB
Total RAM: 4030 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:02, on 30.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Last.fm\LastFM.exe
C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Opera Next\opera.exe
C:\Program Files (x86)\Opera Next\pluginwrapper\opera_plugin_wrapper.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files\trend micro\Hula.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?affID=17 ... ftt_3612_3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Hula\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9995 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 38593648
\??\C:\Windows\system32\conhost.exe "-1523109032-21264106135693765643528936101914267668-154006032122893654-932537166
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {8186BFF1-D87D-48FA-88FC-89F0EE89246A}
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe"
"C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><ProgressBar><Percentage>90</Percentage><LeftIconPath>C:\Users\Hula\AppData\Local\Temp\BrightnessDown.ico</LeftIconPath><RightIconPath>C:\Users\Hula\AppData\Local\Temp\BrightnessUp.ico</RightIconPath></ProgressBar></hpNotification>"
"C:\Program Files (x86)\Last.fm\LastFM.exe" --tray
"C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Opera Next\opera.exe"
"C:\Program Files (x86)\Opera Next\pluginwrapper\opera_plugin_wrapper.exe" -newprocess "3092 2 0 1 3" -logfolder "C:\Users\Hula\AppData\Local\Opera\Opera Next\logs"
"C:\Program Files (x86)\Winamp\winamp.exe" -Embedding
"D:\Programy_nove\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll [2012-08-23 264192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-04 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-20 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-04 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll [2012-08-23 288256]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-26 418840]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-20 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-20 379552]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Google Update"=C:\Users\Hula\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-18 116648]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-27 336384]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-13 318520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2011-07-12 1764352]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-09-30 19:54:57 ----D---- C:\Program Files\trend micro
2012-09-30 19:54:56 ----D---- C:\rsit
2012-09-30 19:09:33 ----SHD---- C:\ProgramData\SecuROM
2012-09-30 18:49:45 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-09-30 18:49:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-09-30 18:49:45 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-09-30 18:49:45 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-09-30 18:49:44 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-09-30 18:49:44 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-09-30 18:47:53 ----D---- C:\Windows\SYSWOW64\AGEIA
2012-09-30 18:47:53 ----D---- C:\Program Files (x86)\AGEIA Technologies
2012-09-29 13:21:36 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-09-29 13:20:40 ----D---- C:\Windows\Sun
2012-09-28 19:15:33 ----D---- C:\ProgramData\IObit
2012-09-28 19:15:33 ----D---- C:\Program Files (x86)\IObit
2012-09-28 17:10:41 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-09-28 16:59:45 ----D---- C:\Program Files (x86)\2K Games
2012-09-27 11:35:22 ----D---- C:\ProgramData\iRinger
2012-09-26 03:05:51 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-25 10:41:19 ----D---- C:\Program Files (x86)\TuxGuitar
2012-09-24 23:08:01 ----D---- C:\_serialy
2012-09-24 20:54:41 ----A---- C:\Windows\IsUninst.exe
2012-09-24 17:58:27 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-09-24 17:53:48 ----D---- C:\Users\Hula\AppData\Roaming\Hamachi
2012-09-24 13:24:48 ----A---- C:\Windows\SYSWOW64\Access.dat
2012-09-24 13:23:41 ----D---- C:\Users\Hula\AppData\Roaming\Tunngle
2012-09-24 13:23:41 ----D---- C:\ProgramData\Tunngle
2012-09-24 13:23:40 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2012-09-24 13:23:35 ----D---- C:\Program Files (x86)\Tunngle
2012-09-24 12:59:58 ----D---- C:\Users\Hula\AppData\Roaming\Skype
2012-09-24 12:59:48 ----RD---- C:\Program Files (x86)\Skype
2012-09-24 12:59:43 ----D---- C:\ProgramData\Skype
2012-09-23 08:09:57 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-23 08:09:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-23 08:09:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-23 08:09:55 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-23 08:09:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-23 08:09:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-23 08:09:55 ----A---- C:\Windows\system32\url.dll
2012-09-23 08:09:55 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-23 08:09:55 ----A---- C:\Windows\system32\ieui.dll
2012-09-23 08:09:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-23 08:09:54 ----A---- C:\Windows\system32\urlmon.dll
2012-09-23 08:09:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-23 08:09:53 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-23 08:09:53 ----A---- C:\Windows\system32\jscript9.dll
2012-09-23 08:09:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-23 08:09:52 ----A---- C:\Windows\system32\wininet.dll
2012-09-23 08:09:52 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-23 08:09:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-23 08:09:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-23 08:09:51 ----A---- C:\Windows\system32\vbscript.dll
2012-09-23 08:09:51 ----A---- C:\Windows\system32\jscript.dll
2012-09-23 08:09:51 ----A---- C:\Windows\system32\iertutil.dll
2012-09-23 08:09:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-23 08:09:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-23 08:09:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-23 08:09:48 ----A---- C:\Windows\system32\mshtml.dll
2012-09-23 08:09:47 ----A---- C:\Windows\system32\ieframe.dll
2012-09-23 08:09:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-21 14:38:05 ----D---- C:\Program Files (x86)\WinHTTrack
2012-09-20 08:12:56 ----A---- C:\Windows\AviSplitter.INI
2012-09-19 11:34:44 ----D---- C:\Users\Hula\AppData\Roaming\Hothead Games
2012-09-19 11:33:46 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-09-19 11:33:46 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-09-19 11:33:46 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-09-19 11:33:46 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-09-19 11:33:46 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-09-19 11:33:46 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-09-19 11:33:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-09-19 11:33:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-09-19 11:33:44 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-09-19 11:33:44 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-09-19 11:33:43 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-09-19 11:33:42 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-09-19 11:33:42 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-09-19 11:33:41 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-09-19 11:33:41 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-09-19 11:33:41 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-09-19 11:33:41 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-09-19 11:33:40 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-09-19 11:33:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-09-19 11:33:40 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-09-19 11:33:40 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-09-19 11:33:39 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-09-19 11:33:39 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-09-19 11:33:39 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-09-19 11:33:39 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-09-19 11:33:38 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-09-19 11:33:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-09-19 11:33:38 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-09-19 11:33:38 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-09-19 11:33:37 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-09-19 11:33:37 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-09-19 11:33:36 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-09-19 11:33:36 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-09-19 11:33:36 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-09-19 11:33:35 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-09-19 11:33:35 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-09-19 11:33:34 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-09-19 11:33:34 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-09-19 11:33:34 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-09-19 11:33:34 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-09-19 11:33:34 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-09-19 11:33:34 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-09-19 11:33:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-09-19 11:33:33 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-09-19 11:33:31 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-09-19 11:33:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-09-19 11:33:31 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-09-19 11:33:31 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-09-19 11:33:30 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-09-19 11:33:30 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-09-19 11:33:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-09-19 11:33:30 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-09-19 11:33:30 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-09-19 11:33:30 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-09-19 11:33:29 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-09-19 11:33:29 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-09-19 11:33:29 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-09-19 11:33:29 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-09-19 11:33:28 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-09-19 11:33:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-09-19 11:33:28 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-09-19 11:33:28 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-09-19 11:33:27 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-09-19 11:33:27 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-09-19 11:33:27 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-09-19 11:33:27 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-09-19 11:33:27 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-09-19 11:33:27 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-09-19 11:33:26 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-09-19 11:33:26 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-09-19 11:33:26 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-09-19 11:33:26 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-09-19 11:33:25 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-09-19 11:33:25 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-09-19 11:33:25 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-09-19 11:33:25 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-09-19 11:33:24 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-09-19 11:33:24 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-09-19 11:33:23 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-09-19 11:33:23 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-09-19 11:33:23 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-09-19 11:33:23 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-09-19 11:33:22 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-09-19 11:33:22 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-09-19 11:33:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-09-19 11:33:22 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-09-19 11:33:22 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-09-19 11:33:22 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-09-19 11:33:21 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-09-19 11:33:21 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-09-19 11:33:20 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-09-19 11:33:20 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-09-19 11:33:19 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-09-19 11:33:19 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-09-19 11:33:18 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-09-19 11:33:18 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-09-19 11:33:17 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-09-19 11:33:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-09-19 11:33:17 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-09-19 11:33:17 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-09-19 11:33:16 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-09-19 11:33:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-09-19 11:33:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-09-19 11:33:16 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-09-19 11:33:16 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-09-19 11:33:16 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-09-19 11:33:15 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-09-19 11:33:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-09-19 11:33:15 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-09-19 11:33:15 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-09-19 11:33:14 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-09-19 11:33:14 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-09-19 11:33:14 ----A---- C:\Windows\system32\xinput1_3.dll
2012-09-19 11:33:14 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-09-19 11:33:13 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-09-19 11:33:13 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-09-19 11:33:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-09-19 11:33:13 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-09-19 11:33:13 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-09-19 11:33:13 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-09-19 11:33:12 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-09-19 11:33:12 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-09-19 11:33:12 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-09-19 11:33:12 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-09-19 11:33:11 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-09-19 11:33:11 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-09-19 11:33:10 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-09-19 11:33:10 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-09-19 11:33:10 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-09-19 11:33:10 ----A---- C:\Windows\system32\d3dx10.dll
2012-09-19 11:33:09 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-09-19 11:33:09 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-09-19 11:33:09 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-09-19 11:33:09 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-09-19 11:33:09 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-09-19 11:33:08 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-09-19 11:33:08 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-09-19 11:33:08 ----A---- C:\Windows\system32\xinput1_2.dll
2012-09-19 11:33:08 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-09-19 11:33:07 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-09-19 11:33:07 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-09-19 11:33:06 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-09-19 11:33:06 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-09-19 11:33:06 ----A---- C:\Windows\system32\xinput1_1.dll
2012-09-19 11:33:06 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-09-19 11:33:04 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-09-19 11:33:04 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-09-19 11:33:02 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-09-19 11:33:02 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-09-19 11:33:02 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-09-19 11:33:01 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-09-19 11:33:01 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-09-19 11:33:00 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-09-19 11:33:00 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-09-19 11:33:00 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-09-19 11:33:00 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-09-19 11:32:59 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-09-19 11:32:59 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-09-19 11:32:58 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-09-19 11:32:58 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-09-19 11:28:47 ----D---- C:\Windows\SYSWOW64\directx
2012-09-16 09:32:28 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-09-16 01:21:37 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-09-12 06:16:53 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-12 06:16:53 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-12 06:16:52 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-12 06:16:51 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-12 06:16:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-12 06:16:50 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-12 06:16:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 21:17:49 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-09-11 21:09:28 ----D---- C:\Program Files\Adobe
2012-09-11 21:09:05 ----D---- C:\Program Files\Common Files\Adobe
2012-09-07 23:23:20 ----D---- C:\Program Files\Babylon
2012-09-07 23:23:20 ----D---- C:\Program Files (x86)\Babylon
2012-09-07 23:23:03 ----A---- C:\user.js
2012-09-07 23:23:02 ----D---- C:\Program Files (x86)\BabylonToolbar
2012-09-07 23:22:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-07 20:01:25 ----D---- C:\Users\Hula\AppData\Roaming\WinRAR
2012-09-07 20:01:01 ----D---- C:\Program Files (x86)\WinRAR
2012-09-07 18:35:36 ----D---- C:\Users\Hula\AppData\Roaming\IsolatedStorage
2012-09-07 18:35:36 ----D---- C:\ProgramData\IsolatedStorage
2012-09-06 22:00:49 ----D---- C:\Program Files (x86)\Winamp Detect
2012-09-06 22:00:20 ----D---- C:\Users\Hula\AppData\Roaming\Winamp
2012-09-06 22:00:20 ----D---- C:\Program Files (x86)\Winamp
2012-09-04 21:02:32 ----D---- C:\ProgramData\Sun
2012-09-04 21:02:15 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-09-04 21:02:14 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-09-04 21:02:14 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-04 21:02:04 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-04 21:02:04 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-04 21:02:04 ----A---- C:\Windows\SYSWOW64\java.exe
2012-09-04 21:01:48 ----D---- C:\Program Files (x86)\Java
2012-09-03 12:55:11 ----D---- C:\Users\Hula\AppData\Roaming\OpenOffice.org
2012-08-31 11:10:00 ----D---- C:\Program Files (x86)\uTorrent
2012-08-31 11:09:04 ----D---- C:\Users\Hula\AppData\Roaming\uTorrent
======List of files/folders modified in the last 1 month======
2012-09-30 19:55:02 ----D---- C:\Windows\Prefetch
2012-09-30 19:54:57 ----RD---- C:\Program Files
2012-09-30 19:35:34 ----D---- C:\Windows\system32\config
2012-09-30 19:26:01 ----D---- C:\Windows\Temp
2012-09-30 19:13:40 ----D---- C:\Windows\system32\Tasks
2012-09-30 19:13:25 ----AD---- C:\ProgramData\TEMP
2012-09-30 19:09:49 ----SHD---- C:\Windows\Installer
2012-09-30 19:09:33 ----HD---- C:\ProgramData
2012-09-30 19:05:15 ----SHD---- C:\System Volume Information
2012-09-30 19:00:28 ----RSD---- C:\Windows\assembly
2012-09-30 18:59:28 ----D---- C:\Windows
2012-09-30 18:49:47 ----D---- C:\Windows\System32
2012-09-30 18:49:46 ----D---- C:\Windows\SysWOW64
2012-09-30 18:48:00 ----D---- C:\Windows\winsxs
2012-09-30 18:47:53 ----RD---- C:\Program Files (x86)
2012-09-30 18:47:46 ----D---- C:\Program Files (x86)\Common Files
2012-09-30 17:20:04 ----A---- C:\Windows\SYSWOW64\log.txt
2012-09-30 03:24:51 ----D---- C:\Windows\system32\catroot
2012-09-29 12:14:01 ----D---- C:\Users\Hula\AppData\Roaming\Auslogics
2012-09-29 10:28:24 ----D---- C:\Windows\Microsoft.NET
2012-09-29 10:22:15 ----D---- C:\Windows\inf
2012-09-29 10:22:15 ----D---- C:\Program Files\Microsoft Security Client
2012-09-29 10:22:02 ----D---- C:\Windows\system32\drivers
2012-09-29 10:21:59 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-09-28 17:17:13 ----D---- C:\Program Files (x86)\YourFileDownloader
2012-09-28 17:12:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-09-28 17:12:56 ----D---- C:\Windows\system32\cs-CZ
2012-09-28 17:11:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-28 17:10:42 ----D---- C:\Windows\SYSWOW64\en-US
2012-09-28 17:10:42 ----D---- C:\Windows\system32\en-US
2012-09-28 16:10:06 ----D---- C:\Windows\SoftwareDistribution
2012-09-28 06:21:36 ----D---- C:\Windows\system32\catroot2
2012-09-27 10:36:12 ----D---- C:\Windows\rescache
2012-09-26 00:35:53 ----D---- C:\Windows\debug
2012-09-25 21:35:03 ----D---- C:\Users\Hula\AppData\Roaming\KeePass
2012-09-24 13:23:57 ----D---- C:\Windows\system32\DriverStore
2012-09-24 13:23:40 ----RSD---- C:\Windows\Fonts
2012-09-23 11:15:17 ----D---- C:\Windows\SYSWOW64\migration
2012-09-23 11:15:17 ----D---- C:\Windows\system32\migration
2012-09-23 11:15:17 ----D---- C:\Program Files\Internet Explorer
2012-09-23 11:15:17 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-20 06:22:48 ----D---- C:\ProgramData\Adobe
2012-09-19 10:26:25 ----D---- C:\Users\Hula\AppData\Roaming\DAEMON Tools Lite
2012-09-16 22:58:03 ----D---- C:\Windows\system32\NDF
2012-09-16 13:20:23 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-09-12 22:44:39 ----D---- C:\Program Files (x86)\iTunes
2012-09-12 06:40:41 ----A---- C:\Windows\system32\MRT.exe
2012-09-11 21:18:45 ----D---- C:\Users\Hula\AppData\Roaming\Adobe
2012-09-11 21:09:54 ----D---- C:\Program Files (x86)\Adobe
2012-09-11 21:09:05 ----D---- C:\Program Files\Common Files
2012-09-10 16:23:40 ----D---- C:\Program Files (x86)\Last.fm
2012-08-31 00:06:39 ----SD---- C:\Users\Hula\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-16 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-27 9319424]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-27 303616]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-20 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-02-22 2736640]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-20 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-20 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-20 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-20 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-20 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-20 279200]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-05-13 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-03-25 12262336]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-08-24 349800]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-04-07 1826048]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-27 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-20 76448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-13 317496]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-08 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Re: Requesting a preventive log check :)
Hello,
Download AdwCleaner: http://general-changelog-team.fr/fr/dow ... adwcleaner

- Save it, ideally to the desktop
- Close all programs
- Click Search
- A scan will run and then a log will appear; it may also be saved on the system drive as AdwCleaner[R?].txt. Paste it here
Re: Requesting a preventive log check :)
Log from Adw:
# AdwCleaner v2.004 - Logfile created 10/08/2012 at 20:27:22
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Hula - HULA-PC
# Boot Mode : Normal
# Running from : C:\Users\Hula\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\user.js
Folder Found : C:\Program Files (x86)\Babylon
Folder Found : C:\Program Files (x86)\BabylonToolbar
Folder Found : C:\Program Files\Babylon
***** [Registry] *****
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-530651081-4011185774-156565749-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-530651081-4011185774-156565749-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3
-\\ Google Chrome v22.0.1229.79
File : C:\Users\Hula\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.8] : homepage = "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3",
Found [l.12] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3" ]
Found [l.1333] : homepage = "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3",
Found [l.1833] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3" ]
-\\ Opera v [Unable to get version]
File : C:\Users\Hula\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [7809 octets] - [08/10/2012 20:27:22]
########## EOF - C:\AdwCleaner[R1].txt - [7869 octets] ##########
Re: Requesting a preventive log check :)

- If you are using Windows Vista or Windows 7, right-click AdwCleaner and choose Run As Administrator or "Spustit jako spravce"
- Click Delete
- The PC will perform the repair, restart, and give you a log (C:\AdwCleaner [S1].txt); paste its contents here
Re: Requesting a preventive log check :)
Everything went fine and here is the log:
# AdwCleaner v2.004 - Logfile created 10/09/2012 at 14:55:49
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Hula - HULA-PC
# Boot Mode : Normal
# Running from : C:\Users\Hula\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Babylon
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files\Babylon
***** [Registry] *****
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3 --> hxxp://www.google.com
-\\ Google Chrome v22.0.1229.92
File : C:\Users\Hula\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.8] : homepage = "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3",
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3" ]
Deleted [l.1334] : homepage = "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3",
Deleted [l.1750] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3" ]
-\\ Opera v [Unable to get version]
File : C:\Users\Hula\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [7906 octets] - [08/10/2012 20:27:22]
AdwCleaner[S1].txt - [7764 octets] - [09/10/2012 14:55:49]
########## EOF - C:\AdwCleaner[S1].txt - [7824 octets] ##########
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3 --> hxxp://www.google.com
-\\ Google Chrome v22.0.1229.92
File : C:\Users\Hula\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.8] : homepage = "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3",
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3" ]
Deleted [l.1334] : homepage = "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3",
Deleted [l.1750] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17425&tt=030912_10ftt_3612_3" ]
-\\ Opera v [Unable to get version]
File : C:\Users\Hula\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [7906 octets] - [08/10/2012 20:27:22]
AdwCleaner[S1].txt - [7764 octets] - [09/10/2012 14:55:49]
########## EOF - C:\AdwCleaner[S1].txt - [7824 octets] ##########
Re: Please do a preventive check of my log :)

- If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
- If you are using a 64-bit OS, check whether the "For 64-bit OS" box is ticked; if it is not, tick it
- Tick the "For all users" box
- Tick the 'Check for "LOP" malware' box
- Tick the 'Check for "Purity" malware' box
- Change the file age from 30 days to 7 days
- Paste the script below into the bottom box, "Custom scans/fixes"
Code:
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
- Click the Scan button
- When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; paste both of them here
- If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them across several posts
Re: Please do a preventive check of my log :)
Log OTL.txt
OTL logfile created on: 9.10.2012 20:18:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hula\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,94 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 66,18% Memory free
7,87 Gb Paging File | 6,01 Gb Available in Paging File | 76,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 48,39 Gb Free Space | 49,60% Space Free | Partition Type: NTFS
Drive D: | 498,51 Gb Total Space | 64,61 Gb Free Space | 12,96% Space Free | Partition Type: NTFS
Drive F: | 549,01 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: HULA-PC | User Name: Hula | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.10.09 20:14:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hula\Desktop\OTL.exe
PRC - [2012.09.28 17:17:10 | 000,245,168 | ---- | M] (http://yourfiledownloader.com) -- C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.13 21:00:36 | 000,317,496 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.01.17 10:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.17 10:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.02.13 02:49:04 | 000,685,816 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.09.12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.09.12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.04.27 09:31:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.05 18:10:14 | 000,147,368 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012.07.05 18:10:08 | 000,375,208 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012.06.08 12:06:24 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011.05.13 21:00:36 | 000,317,496 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.01.20 18:23:22 | 000,076,448 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011.01.17 10:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.01.17 10:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.13 02:49:04 | 000,685,816 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.09.16 09:32:28 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.05 18:11:18 | 000,087,488 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012.06.08 12:06:24 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012.06.08 12:05:56 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012.04.25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.05.13 20:51:16 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.04.27 10:09:00 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.04.27 08:55:02 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.07 18:40:26 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2011.03.26 01:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.25 18:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 12:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.01.31 03:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.20 18:23:52 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.01.20 18:23:52 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.01.20 18:23:52 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.01.20 18:23:50 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.01.20 18:23:50 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.01.20 18:23:50 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.01.20 18:23:50 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.08.24 21:19:40 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2012.06.08 12:06:24 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Hula\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Hula\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
[2012.09.07 23:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Hula\AppData\Local\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Hula\AppData\Local\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Hula\AppData\Local\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Hula\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-530651081-4011185774-156565749-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-530651081-4011185774-156565749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9ECF6524-A761-45B3-BC89-837B96ED0079}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.27 23:44:05 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell - "" = AutoRun
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell\AutoRun\command - "" = F:\setup.exe -- [2006.10.28 00:30:48 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell\configure\command - "" = F:\setup.exe -- [2006.10.28 00:30:48 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell\install\command - "" = F:\setup.exe -- [2006.10.28 00:30:48 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{c6847b36-f1ae-11e1-a2ad-68a3c493976f}\Shell - "" = AutoRun
O33 - MountPoints2\{c6847b36-f1ae-11e1-a2ad-68a3c493976f}\Shell\AutoRun\command - "" = F:\Installer.exe
O33 - MountPoints2\{da7a82fc-efe0-11e1-b268-68a3c493976f}\Shell - "" = AutoRun
O33 - MountPoints2\{da7a82fc-efe0-11e1-b268-68a3c493976f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.10.09 20:14:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hula\Desktop\OTL.exe
[2012.10.09 15:05:10 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012.10.09 14:57:24 | 000,000,000 | R--D | C] -- C:\Users\Hula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.10.08 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\{AE74205B-3330-47A3-A434-4E7A17CADAA0}
[2012.10.08 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\{32A2AE6C-98BF-4FCA-A81D-991B98CE868C}
[2012.10.05 12:35:26 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Roaming\GRETECH
[2012.10.05 12:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2012.10.04 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\{678BCF89-43FA-4FA3-84AA-4F165A94105F}
[2012.10.04 10:23:14 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2012.10.04 10:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.10.04 10:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.10.04 10:16:14 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\Windows Live
[2012.10.04 10:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012.10.03 22:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.10.03 22:40:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.10.03 22:32:08 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\LogMeIn
[2012.10.03 22:32:03 | 000,034,720 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2012.10.03 22:32:02 | 000,087,488 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2012.10.03 22:32:02 | 000,072,216 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2012.10.03 22:31:58 | 000,080,800 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2012.10.03 22:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2012.10.03 22:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn
[2012.10.03 20:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.10.03 20:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012.10.03 20:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012.10.03 20:13:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.10.03 20:12:44 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.10.03 20:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.10.03 20:09:17 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\Microsoft Help
[2012.10.03 20:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.10.03 20:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.10.03 20:07:04 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.10.03 07:27:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
========== Files - Modified Within 7 Days ==========
[2012.10.09 20:20:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.09 20:14:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hula\Desktop\OTL.exe
[2012.10.09 19:58:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
[2012.10.09 15:05:56 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.09 15:05:56 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.10.09 15:05:56 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.09 15:05:56 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.10.09 15:05:56 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.09 15:05:10 | 000,001,204 | ---- | M] () -- C:\Users\Hula\Desktop\Format Factory.lnk
[2012.10.09 15:04:40 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 15:04:40 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 14:57:18 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012.10.09 14:57:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.09 14:56:55 | 3169,603,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.09 14:56:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012.10.08 23:58:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
[2012.10.08 20:25:52 | 000,538,327 | ---- | M] () -- C:\Users\Hula\Desktop\adwcleaner.exe
[2012.10.04 12:03:04 | 005,008,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.03 22:31:56 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012.10.03 08:13:47 | 012,544,128 | ---- | M] () -- C:\Users\Hula\Desktop\EwanDobson_-_Higher(JasonBecker).mp3
========== Files Created - No Company Name ==========
[2012.10.09 20:20:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.09 15:05:10 | 000,001,204 | ---- | C] () -- C:\Users\Hula\Desktop\Format Factory.lnk
[2012.10.08 20:25:47 | 000,538,327 | ---- | C] () -- C:\Users\Hula\Desktop\adwcleaner.exe
[2012.10.04 10:21:51 | 000,001,311 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.10.04 10:20:59 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.10.03 22:31:55 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012.10.03 22:31:48 | 000,000,994 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2012.10.03 08:13:03 | 012,544,128 | ---- | C] () -- C:\Users\Hula\Desktop\EwanDobson_-_Higher(JasonBecker).mp3
[2012.10.01 15:03:50 | 000,031,242 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012.09.24 13:24:48 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.09.20 08:12:56 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012.09.16 19:38:48 | 000,003,528 | ---- | C] () -- C:\Users\Hula\AppData\Local\SRDownloader.err
[2012.09.16 16:54:26 | 000,001,104 | ---- | C] () -- C:\Users\Hula\AppData\Local\SRDownloader.nast
[2012.09.11 21:23:15 | 000,000,132 | ---- | C] () -- C:\Users\Hula\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.08.27 12:27:08 | 000,101,480 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.08.08 16:36:57 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.08.08 16:31:05 | 001,495,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.08 16:02:28 | 000,025,984 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2011.08.08 16:02:28 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011.08.08 15:44:29 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.08.08 15:27:50 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.08.08 15:27:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.27 10:05:50 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.26 01:16:12 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.03.26 01:16:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.26 01:16:10 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.17 22:05:12 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.08.08 16:42:35 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Ashampoo
[2012.09.29 12:14:01 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Auslogics
[2012.09.19 10:26:25 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\DAEMON Tools Lite
[2012.08.28 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\GHISLER
[2012.08.19 14:26:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Guitar Pro 6
[2012.09.19 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hothead Games
[2012.09.07 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\IsolatedStorage
[2012.10.07 23:02:38 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\KeePass
[2012.09.03 12:55:11 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\OpenOffice.org
[2012.08.18 14:28:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Opera
[2012.10.01 20:28:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Thinstall
[2012.09.26 00:37:59 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Tunngle
[2012.10.08 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\uTorrent
[2011.08.08 15:44:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\WinBatch
[2011.08.08 16:35:45 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\XnView
[2012.08.30 22:13:33 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\YourFileDownloader
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,027,502 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.18 14:41:50 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
[2012.08.18 14:41:51 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[56 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp -> ]
[52 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp -> ]
[4 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp -> ]
[56 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp -> ]
[52 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp -> ]
[4 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.09.11 21:18:45 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Adobe
[2012.08.27 13:16:02 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Apple Computer
[2011.08.08 16:42:35 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Ashampoo
[2011.08.08 15:30:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\ATI
[2012.09.29 12:14:01 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Auslogics
[2012.09.19 10:26:25 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\DAEMON Tools Lite
[2012.08.28 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\GHISLER
[2012.10.05 12:35:26 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\GRETECH
[2012.08.19 14:26:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Guitar Pro 6
[2012.09.24 17:55:39 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hamachi
[2011.08.08 15:55:17 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hewlett-Packard
[2012.09.19 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hothead Games
[2012.08.22 11:03:51 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\hpqLog
[2011.08.08 14:16:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Identities
[2011.08.08 16:02:06 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\InstallShield
[2012.09.07 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\IsolatedStorage
[2012.10.07 23:02:38 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\KeePass
[2011.08.08 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Macromedia
[2010.11.21 11:38:16 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Media Center Programs
[2012.08.23 12:47:01 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Media Player Classic
[2012.10.03 20:17:35 | 000,000,000 | --SD | M] -- C:\Users\Hula\AppData\Roaming\Microsoft
[2012.09.03 12:55:11 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\OpenOffice.org
[2012.08.18 14:28:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Opera
[2012.10.08 23:30:40 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Skype
[2012.10.01 20:28:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Thinstall
[2012.09.26 00:37:59 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Tunngle
[2012.10.08 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\uTorrent
[2012.09.06 22:02:47 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Winamp
[2011.08.08 15:44:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\WinBatch
[2012.09.07 20:01:25 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\WinRAR
[2011.08.08 16:35:45 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\XnView
[2012.08.30 22:13:33 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\YourFileDownloader
< %APPDATA%\*.exe /s >
[2011.08.08 15:55:17 | 000,794,112 | ---- | M] (Hewlett-Packard Company) -- C:\Users\Hula\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe
[2011.08.08 15:27:50 | 000,010,134 | R--- | M] () -- C:\Users\Hula\AppData\Roaming\Microsoft\Installer\{FBDD9391-0A40-EBCE-B4D6-56952CD5F8B4}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.10.08 23:58:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
[2012.10.09 19:58:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.10.09 14:56:30 | 000,000,000 | ---- | M] () -- C:\Windows\system32\Access.dat
[2012.10.09 14:59:38 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Hula\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.08.18 14:41:45 | 000,116,648 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Disabled (Startup Manager)]
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.07.13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.08.24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.09 20:20:25 | 000,000,512 | ---- | M] () MD5=57F2D780375AD5E6A13AB464E9F2492D -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.08.19 14:24:37 | 000,000,081 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\flz.crackteam.ws.idx
[2012.08.19 14:24:37 | 000,000,236 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\http%3A%2F%2Fflz.crackteam.ws%2Ffavicon.png
[2012.09.19 10:52:50 | 000,019,185 | ---- | M] () -- \Users\Hula\AppData\Roaming\uTorrent\The.Baconing.v1.0.cracked.READ.NFO-THETA.torrent
< *keygen* /s >
[2012.08.19 14:23:58 | 000,000,236 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\http%3A%2F%2Fkeygen.ru%2Ffavicon.png
[2012.08.19 14:23:58 | 000,000,055 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\keygen.ru.idx
< *loader* /s >
[2009.09.14 23:48:10 | 000,070,936 | ---- | M] () -- \Program Files (x86)\2K Games\Gearbox Software\Borderlands\Binaries\PhysXLocal\PhysXLoader.dll
[2009.09.22 13:17:26 | 000,030,315 | ---- | M] () -- \Program Files (x86)\2K Games\Gearbox Software\Borderlands\WillowGame\CookedPC\Maps\Loader.umap
[2011.03.02 21:35:42 | 005,299,048 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\Photodownloader.exe
[2011.03.02 18:57:10 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\de_de\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\en_us\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\es_es\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\it_it\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\no_no\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2011.03.02 18:57:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2011.03.02 18:57:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.12.20 18:45:12 | 001,015,128 | ---- | M] () -- \Program Files (x86)\IObit\Game Booster 3\Freeware\GB_FreeSoftwareDownloader.exe
[2011.01.17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.08.08 16:40:50 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.08.08 16:40:59 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2009.06.02 01:16:57 | 000,114,688 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.09.28 17:17:10 | 001,361,328 | ---- | M] () -- \Program Files (x86)\YourFileDownloader\Downloader.exe
[2012.09.28 17:17:17 | 000,001,993 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader\YourFile Downloader.lnk
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.09.28 17:17:17 | 000,001,993 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\YourFileDownloader\YourFile Downloader.lnk
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.09.30 18:03:08 | 000,003,528 | ---- | M] () -- \Users\Hula\AppData\Local\SRDownloader.err
[2012.09.30 18:41:32 | 000,001,104 | ---- | M] () -- \Users\Hula\AppData\Local\SRDownloader.nast
[2012.08.27 10:46:52 | 000,003,784 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BNV2VHWP\bundleloader[1].js
[2012.08.27 10:47:00 | 000,000,723 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ERH3VPYP\downloaderror[1].js
[2012.08.27 10:47:00 | 000,001,174 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ERH3VPYP\downloader[1].js
[2011.08.10 15:13:19 | 000,007,729 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBLQTOFZ\bundleloader[1].js
[2011.08.10 15:13:27 | 000,000,693 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBLQTOFZ\downloaderror[1].js
[2011.08.10 15:13:27 | 000,001,174 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TIUTZ0CP\downloader[1].js
[2011.08.08 16:13:54 | 000,004,487 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GN8KC48\Advert.Advantage.Reloader[1].js
[2012.08.30 22:13:59 | 000,000,214 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\http%3A%2F%2Fyourfiledownloader.com%2Fstatic%2Fimg%2Ffavicon.png
[2012.08.30 22:13:59 | 000,000,103 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\yourfiledownloader.com.idx
[2012.09.18 18:35:50 | 000,011,269 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\widgets\youtube-downloader-2-1.6.6-1-1.oex
[2012.10.09 20:14:24 | 000,029,638 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.10.29 09:03:06 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2008.10.29 09:03:06 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.08.08 15:52:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.08.08 15:52:33 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.08.08 15:52:33 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.08.08 15:52:33 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.08.08 15:52:33 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:07BF512B
< End of report >
OTL logfile created on: 9.10.2012 20:18:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hula\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,94 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 66,18% Memory free
7,87 Gb Paging File | 6,01 Gb Available in Paging File | 76,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 48,39 Gb Free Space | 49,60% Space Free | Partition Type: NTFS
Drive D: | 498,51 Gb Total Space | 64,61 Gb Free Space | 12,96% Space Free | Partition Type: NTFS
Drive F: | 549,01 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: HULA-PC | User Name: Hula | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.10.09 20:14:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hula\Desktop\OTL.exe
PRC - [2012.09.28 17:17:10 | 000,245,168 | ---- | M] (http://yourfiledownloader.com) -- C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.13 21:00:36 | 000,317,496 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.01.17 10:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.17 10:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.02.13 02:49:04 | 000,685,816 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.09.12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.09.12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.04.27 09:31:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.05 18:10:14 | 000,147,368 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012.07.05 18:10:08 | 000,375,208 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012.06.08 12:06:24 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011.05.13 21:00:36 | 000,317,496 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.01.20 18:23:22 | 000,076,448 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011.01.17 10:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.01.17 10:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.13 02:49:04 | 000,685,816 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.09.16 09:32:28 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.05 18:11:18 | 000,087,488 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012.06.08 12:06:24 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012.06.08 12:05:56 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012.04.25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.05.13 20:51:16 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.04.27 10:09:00 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.04.27 08:55:02 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.07 18:40:26 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2011.03.26 01:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.25 18:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 12:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.01.31 03:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.20 18:23:52 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.01.20 18:23:52 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.01.20 18:23:52 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.01.20 18:23:50 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.01.20 18:23:50 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.01.20 18:23:50 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.01.20 18:23:50 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.08.24 21:19:40 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2012.06.08 12:06:24 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-530651081-4011185774-156565749-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Hula\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Hula\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
[2012.09.07 23:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Hula\AppData\Local\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Hula\AppData\Local\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Hula\AppData\Local\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Hula\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-530651081-4011185774-156565749-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-530651081-4011185774-156565749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9ECF6524-A761-45B3-BC89-837B96ED0079}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.27 23:44:05 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell - "" = AutoRun
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell\AutoRun\command - "" = F:\setup.exe -- [2006.10.28 00:30:48 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell\configure\command - "" = F:\setup.exe -- [2006.10.28 00:30:48 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{90c5fb6d-ffd0-11e1-a290-68a3c493976f}\Shell\install\command - "" = F:\setup.exe -- [2006.10.28 00:30:48 | 000,463,152 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{c6847b36-f1ae-11e1-a2ad-68a3c493976f}\Shell - "" = AutoRun
O33 - MountPoints2\{c6847b36-f1ae-11e1-a2ad-68a3c493976f}\Shell\AutoRun\command - "" = F:\Installer.exe
O33 - MountPoints2\{da7a82fc-efe0-11e1-b268-68a3c493976f}\Shell - "" = AutoRun
O33 - MountPoints2\{da7a82fc-efe0-11e1-b268-68a3c493976f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.10.09 20:14:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hula\Desktop\OTL.exe
[2012.10.09 15:05:10 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012.10.09 14:57:24 | 000,000,000 | R--D | C] -- C:\Users\Hula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.10.08 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\{AE74205B-3330-47A3-A434-4E7A17CADAA0}
[2012.10.08 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\{32A2AE6C-98BF-4FCA-A81D-991B98CE868C}
[2012.10.05 12:35:26 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Roaming\GRETECH
[2012.10.05 12:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2012.10.04 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\{678BCF89-43FA-4FA3-84AA-4F165A94105F}
[2012.10.04 10:23:14 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2012.10.04 10:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.10.04 10:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.10.04 10:16:14 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\Windows Live
[2012.10.04 10:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012.10.03 22:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.10.03 22:40:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.10.03 22:32:08 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\LogMeIn
[2012.10.03 22:32:03 | 000,034,720 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2012.10.03 22:32:02 | 000,087,488 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2012.10.03 22:32:02 | 000,072,216 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2012.10.03 22:31:58 | 000,080,800 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2012.10.03 22:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2012.10.03 22:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn
[2012.10.03 20:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.10.03 20:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012.10.03 20:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012.10.03 20:13:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.10.03 20:12:44 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.10.03 20:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.10.03 20:09:17 | 000,000,000 | ---D | C] -- C:\Users\Hula\AppData\Local\Microsoft Help
[2012.10.03 20:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.10.03 20:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.10.03 20:07:04 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.10.03 07:27:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
========== Files - Modified Within 7 Days ==========
[2012.10.09 20:20:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.09 20:14:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hula\Desktop\OTL.exe
[2012.10.09 19:58:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
[2012.10.09 15:05:56 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.09 15:05:56 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.10.09 15:05:56 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.09 15:05:56 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.10.09 15:05:56 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.09 15:05:10 | 000,001,204 | ---- | M] () -- C:\Users\Hula\Desktop\Format Factory.lnk
[2012.10.09 15:04:40 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 15:04:40 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 14:57:18 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012.10.09 14:57:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.09 14:56:55 | 3169,603,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.09 14:56:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012.10.08 23:58:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
[2012.10.08 20:25:52 | 000,538,327 | ---- | M] () -- C:\Users\Hula\Desktop\adwcleaner.exe
[2012.10.04 12:03:04 | 005,008,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.03 22:31:56 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012.10.03 08:13:47 | 012,544,128 | ---- | M] () -- C:\Users\Hula\Desktop\EwanDobson_-_Higher(JasonBecker).mp3
========== Files Created - No Company Name ==========
[2012.10.09 20:20:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.09 15:05:10 | 000,001,204 | ---- | C] () -- C:\Users\Hula\Desktop\Format Factory.lnk
[2012.10.08 20:25:47 | 000,538,327 | ---- | C] () -- C:\Users\Hula\Desktop\adwcleaner.exe
[2012.10.04 10:21:51 | 000,001,311 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.10.04 10:20:59 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.10.03 22:31:55 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012.10.03 22:31:48 | 000,000,994 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2012.10.03 08:13:03 | 012,544,128 | ---- | C] () -- C:\Users\Hula\Desktop\EwanDobson_-_Higher(JasonBecker).mp3
[2012.10.01 15:03:50 | 000,031,242 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012.09.24 13:24:48 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.09.20 08:12:56 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012.09.16 19:38:48 | 000,003,528 | ---- | C] () -- C:\Users\Hula\AppData\Local\SRDownloader.err
[2012.09.16 16:54:26 | 000,001,104 | ---- | C] () -- C:\Users\Hula\AppData\Local\SRDownloader.nast
[2012.09.11 21:23:15 | 000,000,132 | ---- | C] () -- C:\Users\Hula\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.08.27 12:27:08 | 000,101,480 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.08.08 16:36:57 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.08.08 16:31:05 | 001,495,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.08 16:02:28 | 000,025,984 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2011.08.08 16:02:28 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011.08.08 15:44:29 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.08.08 15:27:50 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.08.08 15:27:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.27 10:05:50 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.26 01:16:12 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.03.26 01:16:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.26 01:16:10 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.17 22:05:12 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.08.08 16:42:35 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Ashampoo
[2012.09.29 12:14:01 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Auslogics
[2012.09.19 10:26:25 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\DAEMON Tools Lite
[2012.08.28 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\GHISLER
[2012.08.19 14:26:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Guitar Pro 6
[2012.09.19 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hothead Games
[2012.09.07 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\IsolatedStorage
[2012.10.07 23:02:38 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\KeePass
[2012.09.03 12:55:11 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\OpenOffice.org
[2012.08.18 14:28:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Opera
[2012.10.01 20:28:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Thinstall
[2012.09.26 00:37:59 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Tunngle
[2012.10.08 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\uTorrent
[2011.08.08 15:44:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\WinBatch
[2011.08.08 16:35:45 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\XnView
[2012.08.30 22:13:33 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\YourFileDownloader
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,027,502 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.18 14:41:50 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
[2012.08.18 14:41:51 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[56 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp -> ]
[52 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp -> ]
[4 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp -> ]
[56 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0000\*.tmp -> ]
[52 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\g_0001\*.tmp -> ]
[4 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera Next\icons\cache\g_0000\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.09.11 21:18:45 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Adobe
[2012.08.27 13:16:02 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Apple Computer
[2011.08.08 16:42:35 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Ashampoo
[2011.08.08 15:30:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\ATI
[2012.09.29 12:14:01 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Auslogics
[2012.09.19 10:26:25 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\DAEMON Tools Lite
[2012.08.28 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\GHISLER
[2012.10.05 12:35:26 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\GRETECH
[2012.08.19 14:26:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Guitar Pro 6
[2012.09.24 17:55:39 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hamachi
[2011.08.08 15:55:17 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hewlett-Packard
[2012.09.19 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Hothead Games
[2012.08.22 11:03:51 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\hpqLog
[2011.08.08 14:16:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Identities
[2011.08.08 16:02:06 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\InstallShield
[2012.09.07 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\IsolatedStorage
[2012.10.07 23:02:38 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\KeePass
[2011.08.08 16:14:08 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Macromedia
[2010.11.21 11:38:16 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Media Center Programs
[2012.08.23 12:47:01 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Media Player Classic
[2012.10.03 20:17:35 | 000,000,000 | --SD | M] -- C:\Users\Hula\AppData\Roaming\Microsoft
[2012.09.03 12:55:11 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\OpenOffice.org
[2012.08.18 14:28:43 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Opera
[2012.10.08 23:30:40 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Skype
[2012.10.01 20:28:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Thinstall
[2012.09.26 00:37:59 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Tunngle
[2012.10.08 00:10:20 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\uTorrent
[2012.09.06 22:02:47 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\Winamp
[2011.08.08 15:44:04 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\WinBatch
[2012.09.07 20:01:25 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\WinRAR
[2011.08.08 16:35:45 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\XnView
[2012.08.30 22:13:33 | 000,000,000 | ---D | M] -- C:\Users\Hula\AppData\Roaming\YourFileDownloader
< %APPDATA%\*.exe /s >
[2011.08.08 15:55:17 | 000,794,112 | ---- | M] (Hewlett-Packard Company) -- C:\Users\Hula\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe
[2011.08.08 15:27:50 | 000,010,134 | R--- | M] () -- C:\Users\Hula\AppData\Roaming\Microsoft\Installer\{FBDD9391-0A40-EBCE-B4D6-56952CD5F8B4}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.10.08 23:58:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000Core.job
[2012.10.09 19:58:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530651081-4011185774-156565749-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.10.09 14:56:30 | 000,000,000 | ---- | M] () -- C:\Windows\system32\Access.dat
[2012.10.09 14:59:38 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Hula\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.08.18 14:41:45 | 000,116,648 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Disabled (Startup Manager)]
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.07.13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.08.24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.09 20:20:25 | 000,000,512 | ---- | M] () MD5=57F2D780375AD5E6A13AB464E9F2492D -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.08.19 14:24:37 | 000,000,081 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\flz.crackteam.ws.idx
[2012.08.19 14:24:37 | 000,000,236 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\http%3A%2F%2Fflz.crackteam.ws%2Ffavicon.png
[2012.09.19 10:52:50 | 000,019,185 | ---- | M] () -- \Users\Hula\AppData\Roaming\uTorrent\The.Baconing.v1.0.cracked.READ.NFO-THETA.torrent
< *keygen* /s >
[2012.08.19 14:23:58 | 000,000,236 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\http%3A%2F%2Fkeygen.ru%2Ffavicon.png
[2012.08.19 14:23:58 | 000,000,055 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\keygen.ru.idx
< *loader* /s >
[2009.09.14 23:48:10 | 000,070,936 | ---- | M] () -- \Program Files (x86)\2K Games\Gearbox Software\Borderlands\Binaries\PhysXLocal\PhysXLoader.dll
[2009.09.22 13:17:26 | 000,030,315 | ---- | M] () -- \Program Files (x86)\2K Games\Gearbox Software\Borderlands\WillowGame\CookedPC\Maps\Loader.umap
[2011.03.02 21:35:42 | 005,299,048 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\Photodownloader.exe
[2011.03.02 18:57:10 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\de_de\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\en_us\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\es_es\Photodownloader.ini
[2011.03.02 18:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\it_it\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\no_no\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2011.03.02 18:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2011.03.02 18:57:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2011.03.02 18:57:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.12.20 18:45:12 | 001,015,128 | ---- | M] () -- \Program Files (x86)\IObit\Game Booster 3\Freeware\GB_FreeSoftwareDownloader.exe
[2011.01.17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.08.08 16:40:50 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.08.08 16:40:59 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2009.06.02 01:16:57 | 000,114,688 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.09.28 17:17:10 | 001,361,328 | ---- | M] () -- \Program Files (x86)\YourFileDownloader\Downloader.exe
[2012.09.28 17:17:17 | 000,001,993 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader\YourFile Downloader.lnk
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.09.28 17:17:17 | 000,001,993 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\YourFileDownloader\YourFile Downloader.lnk
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.09.30 18:03:08 | 000,003,528 | ---- | M] () -- \Users\Hula\AppData\Local\SRDownloader.err
[2012.09.30 18:41:32 | 000,001,104 | ---- | M] () -- \Users\Hula\AppData\Local\SRDownloader.nast
[2012.08.27 10:46:52 | 000,003,784 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BNV2VHWP\bundleloader[1].js
[2012.08.27 10:47:00 | 000,000,723 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ERH3VPYP\downloaderror[1].js
[2012.08.27 10:47:00 | 000,001,174 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ERH3VPYP\downloader[1].js
[2011.08.10 15:13:19 | 000,007,729 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBLQTOFZ\bundleloader[1].js
[2011.08.10 15:13:27 | 000,000,693 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBLQTOFZ\downloaderror[1].js
[2011.08.10 15:13:27 | 000,001,174 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TIUTZ0CP\downloader[1].js
[2011.08.08 16:13:54 | 000,004,487 | ---- | M] () -- \Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5GN8KC48\Advert.Advantage.Reloader[1].js
[2012.08.30 22:13:59 | 000,000,214 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\http%3A%2F%2Fyourfiledownloader.com%2Fstatic%2Fimg%2Ffavicon.png
[2012.08.30 22:13:59 | 000,000,103 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\icons\yourfiledownloader.com.idx
[2012.09.18 18:35:50 | 000,011,269 | ---- | M] () -- \Users\Hula\AppData\Local\Opera\Opera Next\widgets\youtube-downloader-2-1.6.6-1-1.oex
[2012.10.09 20:14:24 | 000,029,638 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.10.29 09:03:06 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2008.10.29 09:03:06 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.08.08 15:52:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.08.08 15:52:33 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.08.08 15:52:33 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.08.08 15:52:33 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.08.08 15:52:33 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:07BF512B
< End of report >
Re: Requesting a preventive log check :)
Log Extras.txt
OTL Extras logfile created on: 9.10.2012 20:18:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hula\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,94 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 66,18% Memory free
7,87 Gb Paging File | 6,01 Gb Available in Paging File | 76,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 48,39 Gb Free Space | 49,60% Space Free | Partition Type: NTFS
Drive D: | 498,51 Gb Total Space | 64,61 Gb Free Space | 12,96% Space Free | Partition Type: NTFS
Drive F: | 549,01 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: HULA-PC | User Name: Hula | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{190FFFF7-C73D-4B8B-98FE-58FAF6876DD6}" = rport=139 | protocol=6 | dir=out | app=system |
"{1FFFC40E-52AF-42E7-BB7E-00A99D869F9F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{302FEB4A-1088-4A18-875A-A6097D93869D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3130EAEB-E86D-4204-BA7F-0C6BE4CB578D}" = lport=139 | protocol=6 | dir=in | app=system |
"{32E711DA-2E62-457E-AE2C-E3C8C7C279DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36CADB0E-542D-42B1-9E9E-0FDF13A94014}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{387EBBA0-1EF9-413F-B6A4-DE5553E11DE9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40353536-94E9-4411-9B43-26392FB90F34}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45A04533-11FD-4D41-842A-2A8E0B797049}" = lport=10243 | protocol=6 | dir=in | app=system |
"{45FD155C-52B9-4970-8447-77D14136858D}" = lport=137 | protocol=17 | dir=in | app=system |
"{4B937D39-7DCA-4583-BE6F-81D95C190068}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4D28B294-5226-421E-BDF5-0F73EC539A71}" = rport=138 | protocol=17 | dir=out | app=system |
"{5CBD1228-A6DC-43B3-A951-9C7B54F08ABC}" = lport=80 | protocol=6 | dir=out | app=d:\hry\left4dead2\left4dead2.gex |
"{788183E5-9BE0-496E-A155-56D68CC362B1}" = rport=137 | protocol=17 | dir=out | app=system |
"{8C175AE8-9399-4D9D-B1C7-4E3133194C8C}" = rport=445 | protocol=6 | dir=out | app=system |
"{8D672DBF-D20F-4D41-864A-89C05CD92B83}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9563445F-680B-434E-97E1-E5317A3ED834}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AC45B1F8-6191-45D1-A98D-004F8460C3C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AF0BB2F0-4593-431F-ADBA-F9BC9FE140A4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CE119FEF-C8F3-485A-94D2-3C6638B32DC3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF25ADA9-D29C-4CCB-AAA1-9F75524A3408}" = lport=445 | protocol=6 | dir=in | app=system |
"{D432A08E-9453-4868-AE4D-994458DBF09E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D61C5CF8-7C96-47C3-A372-DDAF6F926F8F}" = lport=138 | protocol=17 | dir=in | app=system |
"{DC96E0FB-7C96-4F2B-B91A-6DC654FE5F9A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E2B6454A-2F15-41B1-8E6E-6D00C2A9331E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F0C2F3C3-5928-48A3-B249-435FCCF25D31}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F9FFB98C-CA8C-43E1-B783-F8741DE60A7B}" = lport=80 | protocol=6 | dir=out | app=d:\hry\left4dead2\left4dead2.exe |
"{FC3CF046-5E1A-4355-8B8B-688DF4E2481D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060075B9-C7A0-479C-9F4B-8A13264EAE99}" = protocol=17 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"{078D813E-4687-4219-B655-EB8E4EB07717}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{0D4BE985-348C-4AC0-BD7E-9D6FF0FF0042}" = protocol=17 | dir=in | app=d:\hry\ut04\unreal tournament 2004 ludicrous edition\system\ut2004.exe |
"{0EABCA7E-B664-41D8-BAF9-A2EB79DF4D85}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F6B372E-B623-44CD-8261-7D6816F17940}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1217DC98-FBBC-4CB0-9C51-597BEBF79E99}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{13924FFB-DB90-410A-9A4D-E45BC6F9EA36}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{241C735B-72D1-4B6A-A08F-41E65578F71C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{25BFAA4A-62DF-4439-A156-6365955871EE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26541798-F169-45C9-8EB0-8D4F028C84F2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2A3F9579-A2C0-4647-BC0E-504ABFEC7A6E}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"{2B5CB23E-B65A-4A25-9C33-4B5DC890FF5A}" = protocol=6 | dir=out | app=system |
"{32989854-19EC-420F-86C6-11EA6DC63C2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3524BD99-64B9-4881-806D-9573442D37B7}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{364BB9CD-3DF9-4A0B-8D26-7F9C89BE6352}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{492DB057-D088-4EFD-8281-4B83B15C9856}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"{499F9BCB-B2A9-4FF1-8AEA-CBE65CC02871}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C602C0A-BA23-4068-B939-7B9CE457D95C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CC69B07-17AA-4D56-B46D-C24A4D0F06B2}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{52D594A3-9C46-4BDC-980E-3A2F40597764}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{565358E2-9DE9-4215-8E70-843F72855024}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{5C91D771-CD64-42A8-BBEA-C27C2DD2A6D3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{5DBF939D-4A73-42ED-B21B-A450C89D7AC2}" = protocol=6 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"{6368A61F-17BE-41C2-B6A4-C93A2C84AB36}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{6B69F5D9-DA89-4D4B-9788-2449CD099B03}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6E47FC4A-A06E-4390-BA7B-53BCDD2D3FD9}" = protocol=17 | dir=in | app=c:\program files (x86)\opera next\pluginwrapper\opera_plugin_wrapper.exe |
"{73AA6039-86ED-4C11-8445-0780E480BA1A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{76C1D37E-2632-496E-B0F4-41C0023C6F37}" = protocol=58 | dir=in | app=system |
"{7981C8E6-2B00-4FA0-BC50-03D1286160D4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7BF33DE7-5823-404A-B1FB-41176EDFCC1D}" = protocol=6 | dir=in | app=d:\hry\ut04\unreal tournament 2004 ludicrous edition\system\ut2004.exe |
"{7C084DC8-8F04-4344-9B6E-07B00D15F48A}" = protocol=17 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"{7E92B735-F442-41CC-BE5D-0CA9B1FE459F}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{831139E9-DBE0-450D-977E-EB84D16767B8}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{88371EB9-B4B4-4CFF-9FA0-59692A77D30A}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{8C2AFB77-38A9-457F-8619-864B0DA5856C}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{8D129E23-629A-495E-9CE2-9E9AEDDAA89F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E2B505F-96AB-4232-B376-B9DE0F03352C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9301C8A4-3731-4474-ADA1-9CCC2C388D57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97683D51-410B-4DDF-AAD6-DA07121A4DBC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{97C2E5AC-55A8-400C-B9FF-23BE45E8B9EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{986B3523-EC6D-451D-9B6A-86CCDACBAA24}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{9B6B59D2-EDD1-48C0-9DD7-30449A88EB50}" = protocol=17 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"{9CC2DDAF-3FC5-4725-9BC7-18A0654D426B}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{9CDF21DE-98D9-4DDB-9A63-F872F308BF13}" = protocol=6 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"{9FDE3E74-C1C1-493D-904F-717CB6A38958}" = dir=in | app=%programfiles% (x86)\2k games\borderlands 2\binaries\win32\b2launcher.exe |
"{A399F01F-1C2D-4BC7-B59D-001F7A1E77CA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B3063B26-3FBB-444C-AD75-411D6B802B19}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B755C041-06BA-45F6-B5D9-B232695F7E81}" = dir=out | app=%programfiles% (x86)\2k games\borderlands 2\binaries\win32\b2launcher.exe |
"{B9AE4BD2-0F3D-493B-A80B-073FCD866BB8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BE611143-17DE-42E7-95D0-02AAEE1EBBAB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C2E22B35-30AA-49C2-89D5-CB2FA2A3E8D2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{C8267BF1-BC17-4AFA-9D6F-3095FF9880A7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CD54834C-B09B-45D8-ABEB-43BE0DB34851}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7D3FCBA-5606-43BC-BEEE-A3B2C038E721}" = protocol=6 | dir=in | app=c:\program files (x86)\opera next\pluginwrapper\opera_plugin_wrapper.exe |
"{E2A0BEFA-A78B-4748-866B-9211DB7F70CB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E33A2A47-1F74-4F97-A653-719F0A88763F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E6E0A427-6C0E-4B34-8336-1843B2DBBD53}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7E5D72E-F23A-47D6-816A-42B36AD0DA88}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{EBA32E63-52A3-4CC1-B5A4-87F80614C3AF}" = protocol=6 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"{F7A36B33-E4C1-469B-8C7F-C7FE3CB51C2E}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{FBAD73BA-2A0F-4227-8F41-47402F80B8AE}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"TCP Query User{2A5A730D-0A0E-45F2-8963-F2519971D46E}D:\hry\diablo 2 hd\d2multiresgame.exe" = protocol=6 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"TCP Query User{67C8301A-89DF-4C1A-B195-6E4DA8ABABAC}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{BDD796A0-08C5-49BA-8BE6-F41F8CB243F4}C:\program files (x86)\opera next\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"TCP Query User{CC22243F-E4CC-41D6-996A-E2872C156697}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{D674CA5E-A17A-4EF6-BE82-EAE463604B24}D:\hry\_image\metal drift 4alz by rayan\metal drift.exe" = protocol=6 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"TCP Query User{ECAA6034-1E91-43F8-BAD2-FE3259B29D8C}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{0BB06F90-91BB-46D7-AAA5-D6EFB582BBA4}D:\hry\diablo 2 hd\d2multiresgame.exe" = protocol=17 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"UDP Query User{4386346D-1846-44C8-B667-254B8830489A}D:\hry\_image\metal drift 4alz by rayan\metal drift.exe" = protocol=17 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"UDP Query User{521AA322-2CE6-4240-90B4-7C6C46F8199A}C:\program files (x86)\opera next\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"UDP Query User{6544738D-2A12-49AD-AD75-22A9E69DFF26}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{691CF2FD-ED13-419B-A154-E4734FE92B14}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{99D33E47-4D3E-49A6-9724-D177A548F8AE}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64C0356C-C3E0-032C-3A3D-341FD4623165}" = ATI Catalyst Install Manager
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CB6F2A94-9A12-4CB0-8BB4-E36F4F2DF643}" = HP HotKey Support
"{D7166FE7-32BA-0C4E-CEC7-E3F84470FC60}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{E63C9DDB-74E0-5A5F-7979-32905406D899}" = WMV9/VC-1 Video Playback
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F18668B-C7CE-5BC3-3878-E3DDC53EC228}" = CCC Help Greek
"{0F6D9B10-93CF-57D6-A8C6-61742B549F8C}" = CCC Help Hungarian
"{11775B47-F0F5-0D99-9CCB-ADF2F7B4793B}" = CCC Help Korean
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{1590A987-E170-860F-E565-FB8B3E0D5E2A}" = CCC Help Czech
"{1BD1DC49-0B70-0E91-B2FC-58A749838800}" = CCC Help Russian
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22461A1C-BD68-4D90-9897-1DB146D55ECB}" = LogMeIn
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{29985347-1105-D77E-6AA0-EDC1B30906F5}" = CCC Help Thai
"{2BA5F085-B901-C43E-595C-618C2B005810}" = CCC Help Danish
"{2F92F040-AEA9-59A2-4897-3313579EB777}" = Catalyst Control Center Profiles Mobile
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3917BE34-FF0E-8814-79C2-F398B9F5DC71}" = Catalyst Control Center Localization All
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B5FC11-B3FC-E703-1430-B02E1E0102E8}" = CCC Help Turkish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5D6590E6-5E21-583B-4399-868589376986}" = Catalyst Control Center Graphics Previews Common
"{61B2A4A8-85BF-4C14-5052-5E314B5FDCCA}" = CCC Help German
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68DF4A5B-B921-53B6-37BE-6C5B62813DAD}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{737DCE46-824C-40BA-8776-81D9D1DB04AB}" = Catalyst Control Center - Branding
"{763DCEBA-0B72-0C7D-61CF-620CE14FC161}" = Catalyst Control Center
"{778D3250-3061-C6BD-BADB-559B8177F59F}" = CCC Help Norwegian
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E0828BE-44C3-F051-3100-F6FAEE573D55}" = CCC Help Chinese Standard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6
"{9A0049D3-078F-9470-14CE-F1E69752F512}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53EE2F2-B7B3-B49F-B6BF-96EF8D2D9F26}" = CCC Help Italian
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B19F4FF8-E3BA-1BB8-4F47-48D91F28C479}" = CCC Help Polish
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7CC9483-5BAF-4F14-0563-2C2674661112}" = Catalyst Control Center InstallProxy
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CCE50A92-CEDE-E2C0-5783-601A3B3DC63E}" = CCC Help Finnish
"{CD09EBBD-793E-6903-6335-642A470D0B23}" = CCC Help French
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E330ABB9-2BD8-504C-B959-26C889CC14C2}" = CCC Help Dutch
"{E3F745B0-29B9-9483-3962-A1EDD958C24E}" = CCC Help Chinese Traditional
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}_is1" = Unreal Tournament 2004 Ludicrous Edition
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEE1FF07-FDE5-0EFB-45F3-0FE909C6E539}" = CCC Help Japanese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FB1F181C-3CF3-5341-59F8-2C9A78BB66C5}" = CCC Help Spanish
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBDD9391-0A40-EBCE-B4D6-56952CD5F8B4}" = PX Profile Update
"{FCE18696-8A12-B6A9-9C3B-7545EB5FE5EB}" = CCC Help English
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATMA V" = ATMA V 5.05
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.60
"Game Booster_is1" = Game Booster 3
"GOM Player" = GOM Player
"Guitar Pro 5_is1" = Guitar Pro 5.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.16
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.5.0 (Standard)
"L4D2SP" = Left 4 Dead 2 Standalone Patch™
"LastFM_is1" = Last.fm 1.5.4.27091
"LogMeIn Hamachi" = LogMeIn Hamachi
"Opera 12.50.1513" = Opera Next 12.50 internal build 1513
"ST6UNST #1" = Hero Editor V0.96
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.44-4
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XnView_is1" = XnView 1.98
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-530651081-4011185774-156565749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
"YourFileDownloader" = YourFileDownloader
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5.10.2012 2:51:19 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.10.2012 3:32:37 | Computer Name = Hula-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: GOM.EXE, verze: 2.1.43.5119, časové razítko:
0x5016836b Název chybujícího modulu: libavcodec.dll, verze: 0.0.0.0, časové razítko:
0x4f9a496c Kód výjimky: 0xc0000005 Posun chyby: 0x00156ec5 ID chybujícího procesu:
0xf9c Čas spuštění chybující aplikace: 0x01cda2cb94f4a3eb Cesta k chybující aplikaci:
C:\PROGRA~2\GRETECH\GOMPLA~1\GOM.EXE Cesta k chybujícímu modulu: C:\Program Files
(x86)\GRETECH\GomPlayer\libavcodec.dll ID zprávy: d583cd49-0ebe-11e2-a500-68a3c493976f
Error - 6.10.2012 18:03:50 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 7.10.2012 4:34:27 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.10.2012 3:23:37 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.10.2012 10:50:06 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.10.2012 11:19:51 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.10.2012 1:51:51 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.10.2012 7:32:29 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.10.2012 8:57:47 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 4.10.2012 11:39:34 | Computer Name = Hula-PC | Source = BROWSER | ID = 8032
Description =
Error - 4.10.2012 13:38:46 | Computer Name = Hula-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.137.1026.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.8800.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete
v nápovědě a podpoře.
Error - 4.10.2012 15:34:19 | Computer Name = Hula-PC | Source = DCOM | ID = 10010
Description =
Error - 4.10.2012 15:40:14 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:14 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:15 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:15 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:16 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 19:40:53 | Computer Name = Hula-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
5.197.185.252. Počítač s IP adresou 5.207.18.144 nepovolil získání názvu tímto počítačem.
Error - 4.10.2012 20:46:02 | Computer Name = Hula-PC | Source = DCOM | ID = 10010
Description =
< End of report >
OTL Extras logfile created on: 9.10.2012 20:18:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hula\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,94 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 66,18% Memory free
7,87 Gb Paging File | 6,01 Gb Available in Paging File | 76,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 48,39 Gb Free Space | 49,60% Space Free | Partition Type: NTFS
Drive D: | 498,51 Gb Total Space | 64,61 Gb Free Space | 12,96% Space Free | Partition Type: NTFS
Drive F: | 549,01 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: HULA-PC | User Name: Hula | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{190FFFF7-C73D-4B8B-98FE-58FAF6876DD6}" = rport=139 | protocol=6 | dir=out | app=system |
"{1FFFC40E-52AF-42E7-BB7E-00A99D869F9F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{302FEB4A-1088-4A18-875A-A6097D93869D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3130EAEB-E86D-4204-BA7F-0C6BE4CB578D}" = lport=139 | protocol=6 | dir=in | app=system |
"{32E711DA-2E62-457E-AE2C-E3C8C7C279DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36CADB0E-542D-42B1-9E9E-0FDF13A94014}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{387EBBA0-1EF9-413F-B6A4-DE5553E11DE9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40353536-94E9-4411-9B43-26392FB90F34}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45A04533-11FD-4D41-842A-2A8E0B797049}" = lport=10243 | protocol=6 | dir=in | app=system |
"{45FD155C-52B9-4970-8447-77D14136858D}" = lport=137 | protocol=17 | dir=in | app=system |
"{4B937D39-7DCA-4583-BE6F-81D95C190068}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4D28B294-5226-421E-BDF5-0F73EC539A71}" = rport=138 | protocol=17 | dir=out | app=system |
"{5CBD1228-A6DC-43B3-A951-9C7B54F08ABC}" = lport=80 | protocol=6 | dir=out | app=d:\hry\left4dead2\left4dead2.gex |
"{788183E5-9BE0-496E-A155-56D68CC362B1}" = rport=137 | protocol=17 | dir=out | app=system |
"{8C175AE8-9399-4D9D-B1C7-4E3133194C8C}" = rport=445 | protocol=6 | dir=out | app=system |
"{8D672DBF-D20F-4D41-864A-89C05CD92B83}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9563445F-680B-434E-97E1-E5317A3ED834}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AC45B1F8-6191-45D1-A98D-004F8460C3C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AF0BB2F0-4593-431F-ADBA-F9BC9FE140A4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CE119FEF-C8F3-485A-94D2-3C6638B32DC3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF25ADA9-D29C-4CCB-AAA1-9F75524A3408}" = lport=445 | protocol=6 | dir=in | app=system |
"{D432A08E-9453-4868-AE4D-994458DBF09E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D61C5CF8-7C96-47C3-A372-DDAF6F926F8F}" = lport=138 | protocol=17 | dir=in | app=system |
"{DC96E0FB-7C96-4F2B-B91A-6DC654FE5F9A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E2B6454A-2F15-41B1-8E6E-6D00C2A9331E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F0C2F3C3-5928-48A3-B249-435FCCF25D31}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F9FFB98C-CA8C-43E1-B783-F8741DE60A7B}" = lport=80 | protocol=6 | dir=out | app=d:\hry\left4dead2\left4dead2.exe |
"{FC3CF046-5E1A-4355-8B8B-688DF4E2481D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060075B9-C7A0-479C-9F4B-8A13264EAE99}" = protocol=17 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"{078D813E-4687-4219-B655-EB8E4EB07717}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{0D4BE985-348C-4AC0-BD7E-9D6FF0FF0042}" = protocol=17 | dir=in | app=d:\hry\ut04\unreal tournament 2004 ludicrous edition\system\ut2004.exe |
"{0EABCA7E-B664-41D8-BAF9-A2EB79DF4D85}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F6B372E-B623-44CD-8261-7D6816F17940}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1217DC98-FBBC-4CB0-9C51-597BEBF79E99}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{13924FFB-DB90-410A-9A4D-E45BC6F9EA36}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{241C735B-72D1-4B6A-A08F-41E65578F71C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{25BFAA4A-62DF-4439-A156-6365955871EE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26541798-F169-45C9-8EB0-8D4F028C84F2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2A3F9579-A2C0-4647-BC0E-504ABFEC7A6E}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"{2B5CB23E-B65A-4A25-9C33-4B5DC890FF5A}" = protocol=6 | dir=out | app=system |
"{32989854-19EC-420F-86C6-11EA6DC63C2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3524BD99-64B9-4881-806D-9573442D37B7}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{364BB9CD-3DF9-4A0B-8D26-7F9C89BE6352}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{492DB057-D088-4EFD-8281-4B83B15C9856}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"{499F9BCB-B2A9-4FF1-8AEA-CBE65CC02871}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C602C0A-BA23-4068-B939-7B9CE457D95C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CC69B07-17AA-4D56-B46D-C24A4D0F06B2}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{52D594A3-9C46-4BDC-980E-3A2F40597764}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{565358E2-9DE9-4215-8E70-843F72855024}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{5C91D771-CD64-42A8-BBEA-C27C2DD2A6D3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{5DBF939D-4A73-42ED-B21B-A450C89D7AC2}" = protocol=6 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"{6368A61F-17BE-41C2-B6A4-C93A2C84AB36}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{6B69F5D9-DA89-4D4B-9788-2449CD099B03}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6E47FC4A-A06E-4390-BA7B-53BCDD2D3FD9}" = protocol=17 | dir=in | app=c:\program files (x86)\opera next\pluginwrapper\opera_plugin_wrapper.exe |
"{73AA6039-86ED-4C11-8445-0780E480BA1A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{76C1D37E-2632-496E-B0F4-41C0023C6F37}" = protocol=58 | dir=in | app=system |
"{7981C8E6-2B00-4FA0-BC50-03D1286160D4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7BF33DE7-5823-404A-B1FB-41176EDFCC1D}" = protocol=6 | dir=in | app=d:\hry\ut04\unreal tournament 2004 ludicrous edition\system\ut2004.exe |
"{7C084DC8-8F04-4344-9B6E-07B00D15F48A}" = protocol=17 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"{7E92B735-F442-41CC-BE5D-0CA9B1FE459F}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{831139E9-DBE0-450D-977E-EB84D16767B8}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{88371EB9-B4B4-4CFF-9FA0-59692A77D30A}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{8C2AFB77-38A9-457F-8619-864B0DA5856C}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{8D129E23-629A-495E-9CE2-9E9AEDDAA89F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E2B505F-96AB-4232-B376-B9DE0F03352C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9301C8A4-3731-4474-ADA1-9CCC2C388D57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97683D51-410B-4DDF-AAD6-DA07121A4DBC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{97C2E5AC-55A8-400C-B9FF-23BE45E8B9EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{986B3523-EC6D-451D-9B6A-86CCDACBAA24}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{9B6B59D2-EDD1-48C0-9DD7-30449A88EB50}" = protocol=17 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"{9CC2DDAF-3FC5-4725-9BC7-18A0654D426B}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{9CDF21DE-98D9-4DDB-9A63-F872F308BF13}" = protocol=6 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"{9FDE3E74-C1C1-493D-904F-717CB6A38958}" = dir=in | app=%programfiles% (x86)\2k games\borderlands 2\binaries\win32\b2launcher.exe |
"{A399F01F-1C2D-4BC7-B59D-001F7A1E77CA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B3063B26-3FBB-444C-AD75-411D6B802B19}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B755C041-06BA-45F6-B5D9-B232695F7E81}" = dir=out | app=%programfiles% (x86)\2k games\borderlands 2\binaries\win32\b2launcher.exe |
"{B9AE4BD2-0F3D-493B-A80B-073FCD866BB8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BE611143-17DE-42E7-95D0-02AAEE1EBBAB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C2E22B35-30AA-49C2-89D5-CB2FA2A3E8D2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{C8267BF1-BC17-4AFA-9D6F-3095FF9880A7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CD54834C-B09B-45D8-ABEB-43BE0DB34851}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7D3FCBA-5606-43BC-BEEE-A3B2C038E721}" = protocol=6 | dir=in | app=c:\program files (x86)\opera next\pluginwrapper\opera_plugin_wrapper.exe |
"{E2A0BEFA-A78B-4748-866B-9211DB7F70CB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E33A2A47-1F74-4F97-A653-719F0A88763F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E6E0A427-6C0E-4B34-8336-1843B2DBBD53}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7E5D72E-F23A-47D6-816A-42B36AD0DA88}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{EBA32E63-52A3-4CC1-B5A4-87F80614C3AF}" = protocol=6 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"{F7A36B33-E4C1-469B-8C7F-C7FE3CB51C2E}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{FBAD73BA-2A0F-4227-8F41-47402F80B8AE}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"TCP Query User{2A5A730D-0A0E-45F2-8963-F2519971D46E}D:\hry\diablo 2 hd\d2multiresgame.exe" = protocol=6 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"TCP Query User{67C8301A-89DF-4C1A-B195-6E4DA8ABABAC}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{BDD796A0-08C5-49BA-8BE6-F41F8CB243F4}C:\program files (x86)\opera next\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"TCP Query User{CC22243F-E4CC-41D6-996A-E2872C156697}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{D674CA5E-A17A-4EF6-BE82-EAE463604B24}D:\hry\_image\metal drift 4alz by rayan\metal drift.exe" = protocol=6 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"TCP Query User{ECAA6034-1E91-43F8-BAD2-FE3259B29D8C}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{0BB06F90-91BB-46D7-AAA5-D6EFB582BBA4}D:\hry\diablo 2 hd\d2multiresgame.exe" = protocol=17 | dir=in | app=d:\hry\diablo 2 hd\d2multiresgame.exe |
"UDP Query User{4386346D-1846-44C8-B667-254B8830489A}D:\hry\_image\metal drift 4alz by rayan\metal drift.exe" = protocol=17 | dir=in | app=d:\hry\_image\metal drift 4alz by rayan\metal drift.exe |
"UDP Query User{521AA322-2CE6-4240-90B4-7C6C46F8199A}C:\program files (x86)\opera next\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"UDP Query User{6544738D-2A12-49AD-AD75-22A9E69DFF26}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{691CF2FD-ED13-419B-A154-E4734FE92B14}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{99D33E47-4D3E-49A6-9724-D177A548F8AE}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64C0356C-C3E0-032C-3A3D-341FD4623165}" = ATI Catalyst Install Manager
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CB6F2A94-9A12-4CB0-8BB4-E36F4F2DF643}" = HP HotKey Support
"{D7166FE7-32BA-0C4E-CEC7-E3F84470FC60}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{E63C9DDB-74E0-5A5F-7979-32905406D899}" = WMV9/VC-1 Video Playback
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F18668B-C7CE-5BC3-3878-E3DDC53EC228}" = CCC Help Greek
"{0F6D9B10-93CF-57D6-A8C6-61742B549F8C}" = CCC Help Hungarian
"{11775B47-F0F5-0D99-9CCB-ADF2F7B4793B}" = CCC Help Korean
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{1590A987-E170-860F-E565-FB8B3E0D5E2A}" = CCC Help Czech
"{1BD1DC49-0B70-0E91-B2FC-58A749838800}" = CCC Help Russian
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22461A1C-BD68-4D90-9897-1DB146D55ECB}" = LogMeIn
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{29985347-1105-D77E-6AA0-EDC1B30906F5}" = CCC Help Thai
"{2BA5F085-B901-C43E-595C-618C2B005810}" = CCC Help Danish
"{2F92F040-AEA9-59A2-4897-3313579EB777}" = Catalyst Control Center Profiles Mobile
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3917BE34-FF0E-8814-79C2-F398B9F5DC71}" = Catalyst Control Center Localization All
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B5FC11-B3FC-E703-1430-B02E1E0102E8}" = CCC Help Turkish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5D6590E6-5E21-583B-4399-868589376986}" = Catalyst Control Center Graphics Previews Common
"{61B2A4A8-85BF-4C14-5052-5E314B5FDCCA}" = CCC Help German
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68DF4A5B-B921-53B6-37BE-6C5B62813DAD}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{737DCE46-824C-40BA-8776-81D9D1DB04AB}" = Catalyst Control Center - Branding
"{763DCEBA-0B72-0C7D-61CF-620CE14FC161}" = Catalyst Control Center
"{778D3250-3061-C6BD-BADB-559B8177F59F}" = CCC Help Norwegian
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E0828BE-44C3-F051-3100-F6FAEE573D55}" = CCC Help Chinese Standard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6
"{9A0049D3-078F-9470-14CE-F1E69752F512}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53EE2F2-B7B3-B49F-B6BF-96EF8D2D9F26}" = CCC Help Italian
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B19F4FF8-E3BA-1BB8-4F47-48D91F28C479}" = CCC Help Polish
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7CC9483-5BAF-4F14-0563-2C2674661112}" = Catalyst Control Center InstallProxy
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CCE50A92-CEDE-E2C0-5783-601A3B3DC63E}" = CCC Help Finnish
"{CD09EBBD-793E-6903-6335-642A470D0B23}" = CCC Help French
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E330ABB9-2BD8-504C-B959-26C889CC14C2}" = CCC Help Dutch
"{E3F745B0-29B9-9483-3962-A1EDD958C24E}" = CCC Help Chinese Traditional
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}_is1" = Unreal Tournament 2004 Ludicrous Edition
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEE1FF07-FDE5-0EFB-45F3-0FE909C6E539}" = CCC Help Japanese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FB1F181C-3CF3-5341-59F8-2C9A78BB66C5}" = CCC Help Spanish
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBDD9391-0A40-EBCE-B4D6-56952CD5F8B4}" = PX Profile Update
"{FCE18696-8A12-B6A9-9C3B-7545EB5FE5EB}" = CCC Help English
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATMA V" = ATMA V 5.05
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.60
"Game Booster_is1" = Game Booster 3
"GOM Player" = GOM Player
"Guitar Pro 5_is1" = Guitar Pro 5.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.16
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.5.0 (Standard)
"L4D2SP" = Left 4 Dead 2 Standalone Patch™
"LastFM_is1" = Last.fm 1.5.4.27091
"LogMeIn Hamachi" = LogMeIn Hamachi
"Opera 12.50.1513" = Opera Next 12.50 internal build 1513
"ST6UNST #1" = Hero Editor V0.96
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.44-4
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XnView_is1" = XnView 1.98
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-530651081-4011185774-156565749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
"YourFileDownloader" = YourFileDownloader
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5.10.2012 2:51:19 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.10.2012 3:32:37 | Computer Name = Hula-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: GOM.EXE, verze: 2.1.43.5119, časové razítko:
0x5016836b Název chybujícího modulu: libavcodec.dll, verze: 0.0.0.0, časové razítko:
0x4f9a496c Kód výjimky: 0xc0000005 Posun chyby: 0x00156ec5 ID chybujícího procesu:
0xf9c Čas spuštění chybující aplikace: 0x01cda2cb94f4a3eb Cesta k chybující aplikaci:
C:\PROGRA~2\GRETECH\GOMPLA~1\GOM.EXE Cesta k chybujícímu modulu: C:\Program Files
(x86)\GRETECH\GomPlayer\libavcodec.dll ID zprávy: d583cd49-0ebe-11e2-a500-68a3c493976f
Error - 6.10.2012 18:03:50 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 7.10.2012 4:34:27 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.10.2012 3:23:37 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.10.2012 10:50:06 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.10.2012 11:19:51 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.10.2012 1:51:51 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.10.2012 7:32:29 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.10.2012 8:57:47 | Computer Name = Hula-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 4.10.2012 11:39:34 | Computer Name = Hula-PC | Source = BROWSER | ID = 8032
Description =
Error - 4.10.2012 13:38:46 | Computer Name = Hula-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.137.1026.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.8800.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete
v nápovědě a podpoře.
Error - 4.10.2012 15:34:19 | Computer Name = Hula-PC | Source = DCOM | ID = 10010
Description =
Error - 4.10.2012 15:40:14 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:14 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:15 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:15 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 15:40:16 | Computer Name = Hula-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 4.10.2012 19:40:53 | Computer Name = Hula-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
5.197.185.252. Počítač s IP adresou 5.207.18.144 nepovolil získání názvu tímto počítačem.
Error - 4.10.2012 20:46:02 | Computer Name = Hula-PC | Source = DCOM | ID = 10010
Description =
< End of report >
Re: Please do a preventive check of my log :)

- Run the update
- Run a full scan - do not delete anything
- MBAM occasionally produces false detections, so paste the log into your post and wait for it to be assessed
Re: Please do a preventive check of my log :)
The scan completed without problems and here is the log:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.0.1400
www.malwarebytes.org
Verze databáze: v2012.10.11.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Hula :: HULA-PC [administrátor]
Ochrana: Povolena
11.10.2012 13:50:48
mbam-log-2012-10-11 (15-16-31).txt
Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 444286
Uplynulý čas: 1 hodin, 24 minut, 29 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 17
C:\Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TIUTZ0CP\desktopflies_2698[1].exe (PUP.Adware.Agent) -> Žádná instrukce nebyla provedena.
D:\Hry\Pářky\DefbaseSetup.exe (PUP.ToolBar.Falco) -> Žádná instrukce nebyla provedena.
D:\Hry\Pářky\Friendly Strike 3\Friendly-Strike3.exe (Trojan.Dropper) -> Žádná instrukce nebyla provedena.
D:\Hry\Pářky\Friendly Strike 3\FS3ArenasManager\FS3ArenasManager.exe (Trojan.Dropper) -> Žádná instrukce nebyla provedena.
D:\Hry\Pářky\Friendly Strike 3\FS3hoster\FrStr3Hoster.exe (Trojan.Dropper) -> Žádná instrukce nebyla provedena.
D:\Hry\The Baconing\TDU2k.exe (Packer.ModifiedUPX) -> Žádná instrukce nebyla provedena.
D:\Hry\_image\Left 4 dead 2\L4D2_2.0.0.3\left4dead2\addons\Name_Enabler.dll (Malware.UPX.Mod) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Adobe Photoshop Extended CS5.1 12.1 Multilanguage\KeyGen.exe (Trojan.Agent.CK) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Guitar pro 6 with crack\Guitar pro 6\keygen.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Guitar pro 6 with crack\Keygen\Keygen\keygen.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Programy\NOD32.FiX.v2.2-nsane.exe (PUP.RiskWareTool.CK) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Programy\eset-nod32-antivirus-4-2-71-2-100-works-licence-32bit-cz\ESET NOD32 Antivirus 4.2.71.2 (100) Works Licence 32bit CZ\MiNODLogin 3.9.6.1\MiNODLogin 3.9.6.1.exe (Riskware.KG) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Programy\eset-nod32-antivirus-4-2-71-2-100-works-licence-32bit-cz\ESET NOD32 Antivirus 4.2.71.2 (100) Works Licence 32bit CZ\TNODUP 1.4.0.17\TNod User & Password Finder\TNODUP.exe (Trojan.Agent.CK) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Programy\eset-nod32-antivirus-4-2-71-2-100-works-licence-32bit-cz\ESET NOD32 Antivirus 4.2.71.2 (100) Works Licence 32bit CZ\TNODUP 1.4.0.17\TNod User & Password Finder\uninst-tnod.exe (Trojan.Agent.CK) -> Žádná instrukce nebyla provedena.
D:\Porgramy\Programy\Guitarra\Guitar Pro 5.2 Sempre Download Full\Keygen.exe (RiskWare.Tool.CK) -> Žádná instrukce nebyla provedena.
D:\Taby\lidi\Arobas.Music.Guitar.Pro.v5.2.Multilingual.Retail.Incl.Keymaker-ZWT\Keygen.exe (RiskWare.Tool.CK) -> Žádná instrukce nebyla provedena.
D:\Taby\lidi\Guitar Pro 5.2! Newest version! Fully cracked!\guitar pro Keygen.exe (RiskWare.Tool.CK) -> Žádná instrukce nebyla provedena.
(konec)
Re: Please do a preventive check of my log :)



Re: Please do a preventive check of my log :)
I deleted all the findings and am attaching the resulting log:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.0.1400
www.malwarebytes.org
Verze databáze: v2012.10.12.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Hula :: HULA-PC [administrátor]
Ochrana: Zakázána
14.10.2012 20:42:33
mbam-log-2012-10-14 (20-42-33).txt
Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 445173
Uplynulý čas: 1 hodin, 33 minut, 50 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 17
C:\Users\Hula\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TIUTZ0CP\desktopflies_2698[1].exe (PUP.Adware.Agent) -> Umístnění do karantény a smazání se zdařilo.
D:\$RECYCLE.BIN\S-1-5-21-530651081-4011185774-156565749-1000\$RDHO8OG.exe (PUP.RiskWareTool.CK) -> Umístnění do karantény a smazání se zdařilo.
D:\Hry\Pářky\DefbaseSetup.exe (PUP.ToolBar.Falco) -> Umístnění do karantény a smazání se zdařilo.
D:\Hry\Pářky\Friendly Strike 3\Friendly-Strike3.exe (Trojan.Dropper) -> Umístnění do karantény a smazání se zdařilo.
D:\Hry\Pářky\Friendly Strike 3\FS3ArenasManager\FS3ArenasManager.exe (Trojan.Dropper) -> Umístnění do karantény a smazání se zdařilo.
D:\Hry\Pářky\Friendly Strike 3\FS3hoster\FrStr3Hoster.exe (Trojan.Dropper) -> Umístnění do karantény a smazání se zdařilo.
D:\Hry\The Baconing\TDU2k.exe (Packer.ModifiedUPX) -> Umístnění do karantény a smazání se zdařilo.
D:\Hry\_image\Left 4 dead 2\L4D2_2.0.0.3\left4dead2\addons\Name_Enabler.dll (Malware.UPX.Mod) -> Umístnění do karantény a smazání se zdařilo.
D:\Porgramy\Adobe Photoshop Extended CS5.1 12.1 Multilanguage\KeyGen.exe (Trojan.Agent.CK) -> Umístnění do karantény a smazání se zdařilo.
D:\Porgramy\Guitar pro 6 with crack\Guitar pro 6\keygen.exe (Malware.Packer.Gen) -> Umístnění do karantény a smazání se zdařilo.
D:\Porgramy\Guitar pro 6 with crack\Keygen\Keygen\keygen.exe (Malware.Packer.Gen) -> Umístnění do karantény a smazání se zdařilo.
D:\Porgramy\Programy\eset-nod32-antivirus-4-2-71-2-100-works-licence-32bit-cz\ESET NOD32 Antivirus 4.2.71.2 (100) Works Licence 32bit CZ\MiNODLogin 3.9.6.1\MiNODLogin 3.9.6.1.exe (Riskware.KG) -> Umístnění do karantény a smazání se zdařilo.
D:\Porgramy\Programy\eset-nod32-antivirus-4-2-71-2-100-works-licence-32bit-cz\ESET NOD32 Antivirus 4.2.71.2 (100) Works Licence 32bit CZ\TNODUP 1.4.0.17\TNod User & Password Finder\TNODUP.exe (Trojan.Agent.CK) -> Umístnění do karantény a smazání se zdařilo.
D:\Porgramy\Programy\eset-nod32-antivirus-4-2-71-2-100-works-licence-32bit-cz\ESET NOD32 Antivirus 4.2.71.2 (100) Works Licence 32bit CZ\TNODUP 1.4.0.17\TNod User & Password Finder\uninst-tnod.exe (Trojan.Agent.CK) -> Umístnění do karantény a smazání se zdařilo.
D:\Porgramy\Programy\Guitarra\Guitar Pro 5.2 Sempre Download Full\Keygen.exe (RiskWare.Tool.CK) -> Umístnění do karantény a smazání se zdařilo.
D:\Taby\lidi\Arobas.Music.Guitar.Pro.v5.2.Multilingual.Retail.Incl.Keymaker-ZWT\Keygen.exe (RiskWare.Tool.CK) -> Umístnění do karantény a smazání se zdařilo.
D:\Taby\lidi\Guitar Pro 5.2! Newest version! Fully cracked!\guitar pro Keygen.exe (RiskWare.Tool.CK) -> Umístnění do karantény a smazání se zdařilo.
(konec)
Re: Please do a preventive check of my log :)
How is the PC behaving?

Re: Please do a preventive check of my log :)
So far everything is running fine, nothing freezes or slows down, and the PC is not overheating.

Re: Please do a preventive check of my log :)
So let's clean up as well.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Download and run it
- To confirm each choice, press A, then Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)

OTC http://oldtimer.geekstogo.com/OTC.exe
- Download and run it
- Click CleanUp and confirm with YES
- The program will clean up and restart the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it
- Click Start and confirm with OK
- The program will clean up and restart the PC
- Delete the utility after use

Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel (Panel čistič)
- Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run CCleaner)
- click Hledej problémy (Scan for problems)
- then Opravit problémy (Fix problems) - I recommend making a registry backup; fix all the problems
- repeat the procedure until no problems remain - usually about 3 times
- Here you can uninstall programs you do not need

And if there are no problems or questions, that is all from my side.

