VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

mrznutie notebooku

https://forum.viry.cz:443/viewtopic.php?t=125350

Stránka 1 z 1

mrznutie notebooku

Napsal: 28 říj 2012 17:18
od lucik
Niekedy po krátkej niekedy po dlhej chvíli sa mi zasekáva moj notebook.Samozrejem som pripojena na internet. Stiahla som si aj log viz nižšie.Ďakujem za pomoc.Problém sa objavil keď som odcestovala do španielska. Antivirus nod 32 mi nasiel nejake víri ktoré mi aj vymazal cc cleanerom som si tiež vyčistila pc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2012-10-28 16:52:28
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 15 GB (25%) free of 60 GB
Total RAM: 3037 MB (56% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-10 3906656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-07-24 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-24 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-10-10 3906656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-24 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-07-24 2515552]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-10-10 3906656]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-10 3906656]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 497024]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 1474560]
"GUCI_AVS"=C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [2009-09-17 314880]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"MpsOnn"=C:\Windows\system32\spool\DRIVERS\W32X86\3\MpsOnn.exe [2007-05-28 28232]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"Guard.Mail.ru.gui"=C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-20 1564368]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-08-07 3524536]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-14 136176]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"Facebook Update"=C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2012-08-07 960440]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-08-07 21432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.IV41"=ir41_32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-10-28 16:52:29 ----D---- C:\Program Files\trend micro
2012-10-28 16:52:28 ----D---- C:\rsit
2012-10-24 14:22:12 ----A---- C:\Windows\system32\kernel32.dll
2012-10-24 14:22:11 ----A---- C:\Windows\system32\winsrv.dll
2012-10-24 14:22:11 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-24 14:22:11 ----A---- C:\Windows\system32\conhost.exe
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-24 14:22:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-24 14:22:06 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-24 14:22:03 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-24 14:22:03 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-24 14:21:54 ----A---- C:\Windows\system32\kerberos.dll
2012-10-24 14:21:49 ----A---- C:\Windows\system32\tzres.dll
2012-10-24 14:21:37 ----A---- C:\Windows\system32\crypt32.dll
2012-10-24 14:21:36 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-24 14:21:36 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-24 14:20:48 ----A---- C:\Windows\system32\wintrust.dll
2012-10-24 14:20:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-24 14:20:41 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-10-24 14:20:39 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-23 20:16:24 ----A---- C:\Windows\system32\statistics.dat
2012-10-23 20:16:24 ----A---- C:\Windows\system32\rp_stats.dat
2012-10-23 20:16:24 ----A---- C:\Windows\system32\rp_rules.dat
2012-10-23 20:12:55 ----A---- C:\lavalicense.exe
2012-10-23 20:12:54 ----A---- C:\lavalicense.dll cracked.exe
2012-10-23 20:07:43 ----DC---- C:\Windows\system32\DRVSTORE
2012-10-23 20:07:43 ----A---- C:\Windows\system32\drivers\Lbd.sys
2012-10-23 20:06:51 ----HDC---- C:\ProgramData\{42E04EE4-AB57-407A-9691-3FFA8B8FEBBE}
2012-10-23 20:06:45 ----D---- C:\ProgramData\Lavasoft
2012-10-23 20:06:45 ----D---- C:\Program Files\Lavasoft
2012-10-19 12:48:32 ----D---- C:\Users\Lucka\AppData\Roaming\vlc
2012-10-16 23:33:24 ----D---- C:\Program Files\Common Files\Java
2012-10-16 23:25:50 ----A---- C:\Windows\system32\javaws.exe
2012-10-16 23:25:50 ----A---- C:\Windows\system32\javaw.exe
2012-10-16 23:25:50 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2012-10-28 16:52:35 ----D---- C:\Windows\Temp
2012-10-28 16:52:33 ----D---- C:\Windows\Prefetch
2012-10-28 16:52:29 ----RD---- C:\Program Files
2012-10-28 16:51:03 ----D---- C:\Users\Lucka\AppData\Roaming\Skype
2012-10-28 16:43:18 ----D---- C:\Windows\System32
2012-10-28 16:43:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-28 16:43:17 ----D---- C:\Windows\inf
2012-10-28 16:37:05 ----HD---- C:\ASUS.DAT
2012-10-28 16:36:59 ----A---- C:\Windows\system32\acovcnt.exe
2012-10-28 16:09:17 ----D---- C:\Users\Lucka\AppData\Roaming\ICQ
2012-10-28 16:09:08 ----D---- C:\Windows\system32\config
2012-10-28 14:26:49 ----SHD---- C:\System Volume Information
2012-10-27 13:49:11 ----AD---- C:\Windows
2012-10-27 12:39:26 ----D---- C:\Users\Lucka\AppData\Roaming\uTorrent
2012-10-27 12:39:24 ----D---- C:\Windows\debug
2012-10-26 18:31:51 ----D---- C:\Windows\rescache
2012-10-26 13:08:42 ----HD---- C:\ProgramData
2012-10-24 20:06:23 ----SHD---- C:\Windows\Installer
2012-10-24 20:06:22 ----HD---- C:\Config.Msi
2012-10-24 14:29:44 ----D---- C:\Windows\winsxs
2012-10-24 14:28:12 ----D---- C:\Windows\system32\sk-SK
2012-10-24 14:28:12 ----D---- C:\Windows\system32\en-US
2012-10-24 14:28:12 ----D---- C:\Windows\system32\drivers
2012-10-24 14:24:47 ----A---- C:\Windows\system32\MRT.exe
2012-10-24 14:21:11 ----D---- C:\Windows\system32\catroot
2012-10-24 14:21:10 ----D---- C:\Windows\system32\catroot2
2012-10-23 20:11:46 ----D---- C:\Windows\system32\Tasks
2012-10-18 20:45:42 ----D---- C:\Windows\system32\NDF
2012-10-16 23:33:24 ----D---- C:\Program Files\Common Files
2012-10-16 23:25:39 ----D---- C:\Program Files\Java
2012-10-09 17:23:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-10-08 21:01:19 ----D---- C:\Program Files\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 50624]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2009-09-23 64288]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-22 697328]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 33656]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-18 232816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-29 87040]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-07-13 47104]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-07-17 1759872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1066496]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-06-04 80824]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam; C:\Windows\system32\DRIVERS\GUCI_AVS.sys [2009-10-29 597376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 181432]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-20 1564368]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2011-11-02 68896]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-05 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-24 1169232]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-22 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-05 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-05 1343400]

-----------------EOF-----------------

Re: mrznutie notebooku

Napsal: 28 říj 2012 18:21
od Márty84
Zdravim :)

:???: Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:

:arrow: Odinstalujte Ad-Aware, program uz davno neni co byval.

:arrow: Odinstalujte Ask Toolbar, Conduit Engine, uTorrentBar Toolbar a pokud nepouzivate, tak i Softonic-Eng7 Toolbar

:arrow: Az to udelate, dejte sem novy log z RSIT

Re: mrznutie notebooku

Napsal: 28 říj 2012 19:42
od lucik
odinstalovala som podla pokynov, tu je log...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2012-10-28 19:39:59
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 15 GB (25%) free of 60 GB
Total RAM: 3037 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:46, on 28. 10. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\ICQ7M\ICQ.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Lucka\Desktop\RSIT.exe
C:\Program Files\trend micro\Lucka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://is.uniag.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MpsOnn] C:\Windows\system32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: FancyStart daemon.lnk = ?
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

--
End of file - 10865 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-24 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-24 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 497024]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 1474560]
"GUCI_AVS"=C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [2009-09-17 314880]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"MpsOnn"=C:\Windows\system32\spool\DRIVERS\W32X86\3\MpsOnn.exe [2007-05-28 28232]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"Guard.Mail.ru.gui"=C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-20 1564368]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-08-07 3524536]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-14 136176]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"Facebook Update"=C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2012-08-07 960440]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-08-07 21432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.IV41"=ir41_32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-10-28 16:52:29 ----D---- C:\Program Files\trend micro
2012-10-28 16:52:28 ----D---- C:\rsit
2012-10-24 14:22:12 ----A---- C:\Windows\system32\kernel32.dll
2012-10-24 14:22:11 ----A---- C:\Windows\system32\winsrv.dll
2012-10-24 14:22:11 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-24 14:22:11 ----A---- C:\Windows\system32\conhost.exe
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-24 14:22:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-24 14:22:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-24 14:22:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-24 14:22:06 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-24 14:22:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-24 14:22:04 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-24 14:22:03 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-24 14:22:03 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-24 14:21:54 ----A---- C:\Windows\system32\kerberos.dll
2012-10-24 14:21:49 ----A---- C:\Windows\system32\tzres.dll
2012-10-24 14:21:37 ----A---- C:\Windows\system32\crypt32.dll
2012-10-24 14:21:36 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-24 14:21:36 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-24 14:20:48 ----A---- C:\Windows\system32\wintrust.dll
2012-10-24 14:20:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-24 14:20:41 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-10-24 14:20:39 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-23 20:16:24 ----A---- C:\Windows\system32\statistics.dat
2012-10-23 20:16:24 ----A---- C:\Windows\system32\rp_stats.dat
2012-10-23 20:16:24 ----A---- C:\Windows\system32\rp_rules.dat
2012-10-23 20:07:43 ----DC---- C:\Windows\system32\DRVSTORE
2012-10-23 20:06:45 ----D---- C:\ProgramData\Lavasoft
2012-10-19 12:48:32 ----D---- C:\Users\Lucka\AppData\Roaming\vlc
2012-10-16 23:33:24 ----D---- C:\Program Files\Common Files\Java
2012-10-16 23:25:50 ----A---- C:\Windows\system32\javaws.exe
2012-10-16 23:25:50 ----A---- C:\Windows\system32\javaw.exe
2012-10-16 23:25:50 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2012-10-28 19:40:22 ----D---- C:\Windows\Temp
2012-10-28 19:39:25 ----D---- C:\Windows\Prefetch
2012-10-28 19:38:25 ----D---- C:\Windows\system32\config
2012-10-28 19:37:04 ----D---- C:\Users\Lucka\AppData\Roaming\ICQ
2012-10-28 19:35:56 ----HD---- C:\ASUS.DAT
2012-10-28 19:35:29 ----A---- C:\Windows\system32\acovcnt.exe
2012-10-28 19:34:50 ----RD---- C:\Program Files
2012-10-28 19:34:50 ----AD---- C:\Windows
2012-10-28 19:31:11 ----D---- C:\Windows\System32
2012-10-28 19:31:11 ----D---- C:\Windows\inf
2012-10-28 19:31:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-28 19:29:41 ----SHD---- C:\Windows\Installer
2012-10-28 19:29:38 ----HD---- C:\Config.Msi
2012-10-28 19:29:32 ----D---- C:\Windows\system32\Tasks
2012-10-28 19:29:10 ----SHD---- C:\System Volume Information
2012-10-28 19:25:30 ----HD---- C:\ProgramData
2012-10-28 19:24:26 ----D---- C:\Windows\system32\drivers
2012-10-28 19:05:32 ----D---- C:\Users\Lucka\AppData\Roaming\Skype
2012-10-27 12:39:26 ----D---- C:\Users\Lucka\AppData\Roaming\uTorrent
2012-10-27 12:39:24 ----D---- C:\Windows\debug
2012-10-26 18:31:51 ----D---- C:\Windows\rescache
2012-10-24 14:29:44 ----D---- C:\Windows\winsxs
2012-10-24 14:28:12 ----D---- C:\Windows\system32\sk-SK
2012-10-24 14:28:12 ----D---- C:\Windows\system32\en-US
2012-10-24 14:24:47 ----A---- C:\Windows\system32\MRT.exe
2012-10-24 14:21:11 ----D---- C:\Windows\system32\catroot
2012-10-24 14:21:10 ----D---- C:\Windows\system32\catroot2
2012-10-18 20:45:42 ----D---- C:\Windows\system32\NDF
2012-10-16 23:33:24 ----D---- C:\Program Files\Common Files
2012-10-16 23:25:39 ----D---- C:\Program Files\Java
2012-10-09 17:23:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-10-08 21:01:19 ----D---- C:\Program Files\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 50624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-22 697328]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 33656]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-18 232816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-29 87040]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-07-13 47104]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-07-17 1759872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1066496]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a0jy85u6;a0jy85u6; C:\Windows\system32\drivers\a0jy85u6.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-06-04 80824]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam; C:\Windows\system32\DRIVERS\GUCI_AVS.sys [2009-10-29 597376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 181432]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-20 1564368]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2011-11-02 68896]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-05 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-22 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-05 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-05 1343400]

-----------------EOF-----------------

Re: mrznutie notebooku

Napsal: 28 říj 2012 20:08
od Márty84
:arrow: Ale nejak nevidim odpoved na svou otazku :???:



:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: mrznutie notebooku

Napsal: 28 říj 2012 22:02
od lucik
OS nie je original...


OTL logfile created on: 28. 10. 2012 21:13:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucka\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,97 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 62,03% Memory free
5,93 Gb Paging File | 4,77 Gb Available in Paging File | 80,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 14,60 Gb Free Space | 24,92% Space Free | Partition Type: NTFS
Drive D: | 239,50 Gb Total Space | 92,41 Gb Free Space | 38,59% Space Free | Partition Type: NTFS

Computer Name: LUCKA-PC | User Name: Lucka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/28 20:19:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
PRC - [2012/08/31 15:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/08/07 06:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/08/07 06:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/08/07 06:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/20 12:38:08 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
PRC - [2012/03/07 14:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012/03/07 14:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2012/02/29 07:50:48 | 000,158,856 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe
PRC - [2011/11/02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/09/17 10:44:52 | 000,314,880 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
PRC - [2009/08/12 13:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/30 17:44:10 | 000,497,024 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009/07/23 09:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009/07/14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2009/07/13 09:53:10 | 001,474,560 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2009/07/01 17:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/07/01 17:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/06/19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2007/03/12 12:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/03/12 12:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005/07/06 14:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/09 11:39:02 | 014,336,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\0cd8e6babbda33dc67ce14dff2127e93\Kies.Theme.ni.dll
MOD - [2012/08/09 11:39:02 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\36723a90a94b1445fb3c8cc94521f210\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012/08/09 11:39:01 | 000,506,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\2580fce8060a90ac56da222e2d73ee70\Kies.Common.MediaDB.ni.dll
MOD - [2012/08/09 11:39:01 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\f6e6c6e7b20f496537b2daf9ce689075\Kies.Common.StoreManager.ni.dll
MOD - [2012/08/09 11:39:00 | 000,235,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\9256f8b0b4063bf561d9562c74a13115\ASF_cSharpAPI.ni.dll
MOD - [2012/08/09 11:38:59 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a0598c566b528f0ecbc699b456ac8bd8\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012/08/09 11:38:59 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\240077fbaeeaf9371ab2671b5a4f9ec6\Kies.Common.AllShare.ni.dll
MOD - [2012/08/09 11:38:58 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\304626283c24945ef2fde6c0f333e074\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012/08/09 11:38:58 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\afb7f94eb31d82a98a1253e20a8878c9\Interop.DevFileServiceLib.ni.dll
MOD - [2012/08/09 11:38:57 | 000,565,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\29cbbf67034aa48559262f8aefb6f204\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012/08/09 11:38:56 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\522fa5c5e4b13da5c4199e89b7a7282c\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012/08/09 11:38:55 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\829336d431db10cda3f6e83df1c7eb45\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012/08/09 11:38:54 | 000,894,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0c9b1623a1aeecfb2e0c0b47bb2355e7\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012/08/09 11:38:53 | 001,016,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\05dc31426ee0143b35e9f52a8de11ac2\Kies.Common.DeviceService.ni.dll
MOD - [2012/08/09 11:38:51 | 002,188,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\94525869bb3329d8a7229b475cdc40a8\Kies.Common.Multimedia.ni.dll
MOD - [2012/08/09 11:38:51 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\8a68500bca158546b4286f4c851a31ac\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012/08/09 11:38:48 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4a452b9bfb0070f4ce55fea0892d1b73\Kies.Common.MainUI.ni.dll
MOD - [2012/08/09 11:38:47 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\fedb5734de65cae673710c71f76e13f6\Kies.Common.DBManager.ni.dll
MOD - [2012/08/09 11:38:46 | 001,392,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\36e278fbeed2f8fed3af31a835cf6de6\Kies.Locale.ni.dll
MOD - [2012/08/09 11:38:46 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\6ffd1a8ebfd5229135b5e09e7177c5ea\Kies.Common.Util.ni.dll
MOD - [2012/08/09 11:38:45 | 001,709,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\08b112b00f27b5bb55c79954d06c4aaf\Kies.UI.ni.dll
MOD - [2012/08/09 11:38:45 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\d482b77222e12b1a52daa3b9fac5fba6\Kies.MVVM.ni.dll
MOD - [2012/08/09 11:38:42 | 001,182,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\b2d9d4cc8641f75f505e42065e2f5a27\Kies.Interface.ni.dll
MOD - [2012/08/09 11:38:41 | 001,661,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\028e24fed31c27e7b66fb0fedc085ac0\Kies.ni.exe
MOD - [2012/08/09 11:09:18 | 000,115,137 | ---- | M] () -- C:\Users\Lucka\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll
MOD - [2012/08/07 06:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012/07/26 18:47:47 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012/07/26 17:33:27 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012/07/26 17:33:27 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012/07/26 17:33:27 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012/07/26 17:33:22 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012/07/26 17:33:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012/07/26 17:33:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012/07/26 17:33:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012/07/26 17:33:18 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012/07/26 17:33:08 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012/07/26 17:33:05 | 000,771,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ef221aa0472b0870b6689ab044fad227\System.Runtime.Remoting.ni.dll
MOD - [2012/07/26 17:33:00 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012/07/26 17:28:07 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012/07/26 17:27:57 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012/07/26 17:27:50 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012/07/26 17:27:38 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012/07/26 17:27:33 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012/07/26 17:27:30 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012/07/26 17:27:25 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012/07/26 17:27:23 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012/07/26 17:27:23 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012/07/26 17:27:21 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012/07/26 17:27:14 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012/06/20 12:38:08 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
MOD - [2011/05/28 22:04:58 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/07/06 13:37:36 | 047,628,288 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
MOD - [2009/07/01 17:03:24 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009/05/07 15:53:18 | 000,106,496 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2009/05/07 15:50:46 | 000,073,728 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2008/09/30 22:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2008/02/14 12:57:00 | 000,094,208 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2006/11/30 16:03:48 | 000,434,688 | ---- | M] () -- C:\Program Files\Total PDF Converter\axTotalConverter.dll


========== Services (SafeList) ==========

SRV - [2012/10/09 17:23:19 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/31 15:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/20 12:38:08 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012/03/07 14:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2012/02/29 07:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/11/02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/09/05 21:31:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/16 16:23:30 | 006,638,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2010/05/22 17:45:46 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/01 17:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/06/15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap2dgt4k)
DRV - [2012/06/04 08:59:20 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/06/04 08:59:20 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012/03/14 07:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012/03/14 07:40:02 | 000,169,080 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2012/03/14 07:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012/03/14 07:40:02 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012/03/14 07:40:02 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/22 17:37:25 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/10/29 13:54:36 | 000,597,376 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GUCI_AVS.sys -- (GUCI_AVS)
DRV - [2009/10/05 15:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/17 23:51:38 | 001,759,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:02:47 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E)
DRV - [2009/07/09 15:08:30 | 001,066,496 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2007/07/31 01:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007/02/18 00:15:34 | 000,232,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2007/01/29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://is.uniag.sk/
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 E5 6E 59 71 FB CA 01 [binary data]
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... earchTerms}
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Lucka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/05 08:14:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/09/27 21:37:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/05 08:14:37 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://start.gametop.com/?utm_source=Bo ... dium=start
CHR - default_search_provider: ICQ Search (Enabled)
CHR - default_search_provider: search_url = http://search.icq.com/search/results.ph ... &ch_id=osd
CHR - default_search_provider: suggest_url =
CHR - homepage: http://start.gametop.com/?utm_source=Bo ... dium=start
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lucka\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lucka\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lucka\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

O1 HOSTS File: ([2012/06/12 17:02:15 | 000,000,976 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MpsOnn] C:\Windows\System32\spool\drivers\w32x86\3\MPSONN.EXE (CANON INC.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000..\Run: [Facebook Update] C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk = C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2501825252-3449659084-2302357657-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E39A6ED-395E-4CB5-93FC-0212B252144B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{78d5beb6-65c0-11df-a2bc-e0cb4e091edc}\Shell - "" = AutoRun
O33 - MountPoints2\{78d5beb6-65c0-11df-a2bc-e0cb4e091edc}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/10/28 20:19:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2012/10/28 16:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/10/28 16:52:28 | 000,000,000 | ---D | C] -- C:\rsit
[2012/10/26 13:13:28 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Local\iLivid
[2012/10/24 14:22:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012/10/24 14:22:11 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/10/24 14:22:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/24 14:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/24 14:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/10/24 14:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/10/24 14:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/24 14:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/10/24 14:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/24 14:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/10/24 14:22:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/24 14:22:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/24 14:22:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/10/24 14:22:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/24 14:22:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/10/24 14:22:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/24 14:22:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/24 14:22:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/10/24 14:22:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/10/24 14:22:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/10/24 14:21:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/10/24 14:20:42 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/10/24 14:20:41 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/10/23 20:07:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/10/23 20:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/10/19 12:48:32 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\vlc
[2012/10/19 12:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/10/17 10:01:27 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Desktop\mobil
[2012/10/16 23:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/10/16 23:25:50 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/10/16 23:25:50 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/10/16 23:25:50 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[1 C:\Users\Lucka\Desktop\*.tmp files -> C:\Users\Lucka\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/28 21:19:13 | 000,619,846 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/28 21:19:13 | 000,108,166 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/28 21:18:57 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/28 21:18:57 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/28 21:16:41 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/10/28 21:12:00 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012/10/28 21:11:47 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/28 21:11:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/28 21:11:20 | 2388,459,520 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/28 21:08:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/28 21:01:04 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job
[2012/10/28 20:56:16 | 000,029,872 | ---- | M] () -- C:\Users\Lucka\Desktop\Tres-metros-sobre-el-cielo(0000189512).zip
[2012/10/28 20:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/28 20:19:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2012/10/28 20:11:01 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job
[2012/10/28 19:03:37 | 000,000,054 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2012/10/28 19:03:37 | 000,000,044 | ---- | M] () -- C:\Windows\System32\statistics.dat
[2012/10/28 19:03:37 | 000,000,039 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2012/10/28 16:52:09 | 000,781,383 | ---- | M] () -- C:\Users\Lucka\Desktop\RSIT.exe
[2012/10/28 09:34:04 | 004,722,688 | ---- | M] () -- C:\Users\Lucka\Desktop\snezik.JPG
[2012/10/24 23:11:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
[2012/10/17 11:01:00 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
[2012/10/09 17:23:13 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/10/09 17:23:13 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Users\Lucka\Desktop\*.tmp files -> C:\Users\Lucka\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/28 20:56:16 | 000,029,872 | ---- | C] () -- C:\Users\Lucka\Desktop\Tres-metros-sobre-el-cielo(0000189512).zip
[2012/10/28 20:27:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/10/28 16:52:09 | 000,781,383 | ---- | C] () -- C:\Users\Lucka\Desktop\RSIT.exe
[2012/10/28 09:34:04 | 004,722,688 | ---- | C] () -- C:\Users\Lucka\Desktop\snezik.JPG
[2012/10/23 20:16:24 | 000,000,054 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2012/10/23 20:16:24 | 000,000,044 | ---- | C] () -- C:\Windows\System32\statistics.dat
[2012/10/23 20:16:24 | 000,000,039 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2012/06/26 15:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/06/26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/06/26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/06/26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/06/26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/06/12 18:02:30 | 000,045,270 | ---- | C] () -- C:\Users\Lucka\AppData\Roaming\room_v3.dat
[2012/06/12 17:12:57 | 000,079,053 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012/01/12 16:09:39 | 000,045,056 | ---- | C] () -- C:\Windows\System32\bgspmnt.dll
[2012/01/12 16:09:26 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2012/01/12 16:09:26 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2011/12/05 19:25:46 | 000,000,024 | ---- | C] () -- C:\Windows\SW_Win2146X32.DLL
[2011/11/11 14:28:59 | 000,000,208 | ---- | C] () -- C:\Windows\MPASS.INI
[2011/08/14 16:21:47 | 000,007,605 | ---- | C] () -- C:\Users\Lucka\AppData\Local\Resmon.ResmonCfg
[2011/04/20 10:57:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2011/04/09 19:15:03 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/04/09 19:13:06 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/01/31 21:13:37 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/12/17 13:50:22 | 000,003,584 | ---- | C] () -- C:\Users\Lucka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/07 16:55:20 | 000,000,736 | ---- | C] () -- C:\Users\Lucka\AppData\Local\SRDownloader.nast
[2010/11/07 16:55:12 | 000,000,134 | ---- | C] () -- C:\Users\Lucka\AppData\Local\SRDownloader.err

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/06/06 07:52:27 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Autodesk
[2010/11/16 18:47:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\BitSpirit
[2011/08/14 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Lite
[2011/08/14 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Pro
[2011/12/05 19:16:01 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Downloaded Installations
[2010/09/05 19:11:17 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\ESET
[2010/07/05 12:17:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\fltk.org
[2012/06/18 17:16:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GarenaPlus
[2012/07/30 19:17:34 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GHISLER
[2010/11/28 12:56:24 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\gtk-2.0
[2012/10/28 21:13:40 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\ICQ
[2011/12/05 19:29:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nitro PDF
[2011/04/14 21:07:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Opera
[2012/01/12 16:09:37 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\pdfMachine
[2012/07/26 17:33:49 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Samsung
[2012/02/16 21:21:02 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Softplicity
[2011/10/02 11:58:43 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\TeamViewer
[2012/04/30 18:37:29 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Ubisoft
[2012/10/27 12:39:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\uTorrent
[2010/12/06 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\WebcamMax

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 05:53:46 | 000,032,646 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010/09/05 18:13:00 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010/09/05 18:13:01 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011/10/13 19:31:07 | 000,000,894 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
[2011/10/13 19:31:08 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job
[2012/06/27 16:50:44 | 000,001,020 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000Core.job
[2012/06/27 16:50:45 | 000,001,042 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501825252-3449659084-2302357657-1000UA.job
[2012/09/17 18:53:04 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012/04/24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012/06/02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\System32\cryptsvc.dll
[2012/06/02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/06/02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012/06/02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012/04/24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

Re: mrznutie notebooku

Napsal: 28 říj 2012 22:03
od lucik
< MD5 for: ISAPNP.SYS >
[2009/07/14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009/07/14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009/07/14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009/07/14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011/11/17 08:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011/11/17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011/11/17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011/11/17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2012/06/02 05:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B7 MD5 for: CRYPTSVC.DLL 1DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012/06/02 05:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011/11/17 06:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 18:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012/08/22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012/08/22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010/11/20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011/03/11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011/03/11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011/03/11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011/03/11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011/03/11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012/08/22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012/03/30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012/08/22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\System32\drivers\tcpip.sys
[2012/08/22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/03/30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[12 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/11/05 11:35:16 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Adobe
[2012/03/28 07:08:42 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Ahead
[2011/12/18 10:27:20 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Apple Computer
[2012/06/06 07:52:27 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Autodesk
[2010/11/16 18:47:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\BitSpirit
[2011/08/14 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Lite
[2011/08/14 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Pro
[2011/12/05 19:16:01 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Downloaded Installations
[2012/08/12 19:40:54 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\dvdcss
[2010/09/05 19:11:17 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\ESET
[2010/07/05 12:17:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\fltk.org
[2012/06/18 17:16:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GarenaPlus
[2012/07/30 19:17:34 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GHISLER
[2010/11/28 12:56:24 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\gtk-2.0
[2010/10/09 16:47:58 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\HP
[2012/10/28 21:13:40 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\ICQ
[2010/05/22 13:15:16 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Identities
[2010/05/23 09:05:42 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\InstallShield
[2010/05/22 14:09:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Macromedia
[2009/07/14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Media Center Programs
[2012/09/14 08:05:57 | 000,000,000 | --SD | M] -- C:\Users\Lucka\AppData\Roaming\Microsoft
[2010/11/21 11:52:57 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Mozilla
[2011/12/05 19:29:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nitro PDF
[2011/04/14 21:07:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Opera
[2012/01/12 16:09:37 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\pdfMachine
[2012/07/26 17:33:49 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Samsung
[2012/10/28 19:05:32 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Skype
[2011/11/03 19:11:56 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\skypePM
[2012/02/16 21:21:02 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Softplicity
[2011/10/02 11:58:43 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\TeamViewer
[2012/04/30 18:37:29 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Ubisoft
[2012/10/27 12:39:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\uTorrent
[2012/10/28 21:10:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\vlc
[2010/12/06 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\WebcamMax
[2012/03/10 18:44:13 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Winamp
[2010/05/22 17:29:56 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010/05/23 11:00:21 | 000,010,134 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010/05/23 10:08:51 | 000,012,862 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_8FECA0B7E1E0D1C736F74A.exe
[2010/05/23 10:08:51 | 000,012,862 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
[2012/07/16 12:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012/07/16 12:23:58 | 000,278,968 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012/06/26 15:04:30 | 000,320,000 | ---- | M] (Samsung) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012/07/16 12:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012/06/26 15:03:34 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012/06/26 15:03:34 | 000,321,536 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012/07/16 12:19:36 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012/07/16 12:24:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012/06/26 15:03:16 | 000,106,960 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012/06/26 15:03:16 | 000,101,328 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012/07/16 12:24:04 | 000,183,736 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/07/16 12:24:06 | 000,021,432 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012/07/16 12:24:06 | 003,742,648 | ---- | M] (Freeware) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012/07/16 12:24:08 | 000,451,000 | ---- | M] (ml) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012/08/07 06:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012/08/07 06:25:04 | 000,278,968 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012/07/30 06:17:50 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012/08/07 06:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012/08/07 06:11:30 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012/08/07 06:17:30 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012/08/07 06:12:24 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012/08/07 06:25:06 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012/07/30 06:17:10 | 000,057,344 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012/08/03 07:42:04 | 000,106,960 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012/08/03 07:42:04 | 000,101,328 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012/08/07 06:25:10 | 000,183,736 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/08/07 06:25:12 | 000,021,432 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012/08/07 06:25:12 | 003,742,648 | ---- | M] (Freeware) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012/08/07 06:25:14 | 000,593,848 | ---- | M] (ml) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012/07/16 12:24:08 | 000,451,000 | ---- | M] (ml) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012/08/07 06:25:14 | 000,593,848 | ---- | M] (ml) -- C:\Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011/04/09 19:29:19 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011/04/09 19:29:19 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/05/22 17:37:25 | 000,697,328 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2011/04/09 19:29:19 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011/04/09 19:29:19 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/10/28 21:18:57 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/28 21:18:57 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/28 21:12:00 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2012/10/28 21:19:13 | 000,108,166 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012/10/28 21:19:13 | 000,619,846 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012/10/28 21:19:13 | 000,730,448 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2012/10/28 19:03:37 | 000,000,039 | ---- | M] () -- C:\Windows\system32\rp_rules.dat
[2012/10/28 19:03:37 | 000,000,054 | ---- | M] () -- C:\Windows\system32\rp_stats.dat
[2012/10/28 19:03:37 | 000,000,044 | ---- | M] () -- C:\Windows\system32\statistics.dat

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011/09/14 08:38:37 | 000,136,176 | ---- | M] (Google Inc.)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe -- [2009/07/14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007/03/12 12:49:26 | 000,153,136 | ---- | M] (Nero AG)
"AlcoholAutomount" = "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2009/11/15 10:42:00 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
"Facebook Update" = "C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012/07/12 10:56:04 | 000,138,096 | ---- | M] (Facebook Inc.)
"KiesPreload" = C:\Program Files\Samsung\Kies\Kies.exe /preload -- [2012/08/07 06:25:02 | 000,960,440 | ---- | M] (Samsung)
"KiesPDLR" = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2012/08/07 06:25:12 | 000,021,432 | ---- | M] ()
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/10/28 21:16:41 | 000,000,512 | ---- | M] () MD5=8A5E328498A9BE810956624C40353232 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/10/23 20:00:14 | 000,012,404 | ---- | M] () -- \Users\Lucka\AppData\Roaming\uTorrent\Ad-Aware Pro v8.1.4+Crack [ kk ].torrent

< *keygen* /s >
[2012/03/27 19:50:17 | 000,015,146 | ---- | M] () -- \Users\Lucka\AppData\Roaming\uTorrent\Nero 7 Premium 7.8.5.0 CZ + keygen.rar.torrent
[2012/03/27 19:50:17 | 000,015,146 | ---- | M] () -- \Users\Lucka\Documents\ICQ\440888846\ReceivedFiles\206392063 Ľubko\[CzT]Nero_7_Premium_7_8_5_0_CZ_keygen.torrent

< *loader* /s >
[2008/08/28 18:34:20 | 004,965,736 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008/08/28 15:42:12 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008/08/28 15:42:16 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2009/02/04 03:33:52 | 000,028,008 | ---- | M] () -- \Program Files\AutoCAD 2010\AecLoader.arx
[2008/08/14 06:23:12 | 000,009,969 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007/03/12 12:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012/04/24 02:21:30 | 000,038,400 | ---- | M] () -- \Program Files\Garena Plus\FileLoader.dll
[2012/02/22 09:52:16 | 002,609,664 | ---- | M] () -- \Program Files\Garena Plus\ggdownloader.dll
[2012/06/06 13:23:34 | 000,081,272 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\BTalkLoader.exe
[2009/05/21 21:07:18 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/05/21 20:54:18 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/05/21 20:54:18 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2012/06/20 12:37:30 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/06/20 12:37:31 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/06/20 12:37:30 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/04/20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012/06/20 12:37:43 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012/08/03 01:11:20 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/08/07 06:25:10 | 000,183,736 | ---- | M] () -- \Program Files\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/08/03 01:11:20 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Plugins\DeviceHost\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/02/29 07:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/02/29 07:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/02/29 07:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/02/29 07:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010/11/07 16:55:12 | 000,000,134 | ---- | M] () -- \Users\Lucka\AppData\Local\SRDownloader.err
[2010/11/07 16:55:20 | 000,000,736 | ---- | M] () -- \Users\Lucka\AppData\Local\SRDownloader.nast
[2012/10/27 13:49:51 | 000,000,753 | ---- | M] () -- \Users\Lucka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7URIBS42\AdLoader[1].htm
[2012/10/27 13:49:51 | 000,105,903 | ---- | M] () -- \Users\Lucka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PY2Q2526\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012/07/10 09:55:42 | 000,069,120 | ---- | M] () -- \Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/07/16 12:24:04 | 000,183,736 | ---- | M] () -- \Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/07/10 09:55:42 | 000,069,120 | ---- | M] () -- \Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Plugins\DeviceHost\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/08/03 01:11:20 | 000,069,120 | ---- | M] () -- \Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/08/07 06:25:10 | 000,183,736 | ---- | M] () -- \Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/08/03 01:11:20 | 000,069,120 | ---- | M] () -- \Users\Lucka\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Plugins\DeviceHost\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2010/05/22 13:18:33 | 000,000,003 | ---- | M] () -- \Windows\7Loader.TAG
[2010/05/22 13:58:08 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012/07/26 17:33:32 | 000,189,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0ba08ce2721202a5563fe0e8fd9b4089\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
[2012/08/09 11:38:58 | 000,189,952 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\304626283c24945ef2fde6c0f333e074\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
[2010/11/20 07:28:20 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d.manifest
[2010/11/20 07:38:52 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990.manifest
[1 \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\*.tmp files -> \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\*.tmp -> ]
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/11/22 14:12:58 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 05:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 05:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 05:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/04/09 19:26:22 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/04/09 19:26:22 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/04/09 19:26:23 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 03:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2008/08/14 06:56:12 | 000,003,942 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.csi.core.logging_1.0.0\com\adobe\csi\core\logging\Activator.class
[2008/08/14 06:56:10 | 000,001,489 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.drive.shutdown_1.0.0\com\adobe\drive\shutdown\Activator.class

< *serial* /s >
[2008/08/28 15:40:42 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/28 15:40:42 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/28 15:40:42 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/28 15:40:42 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\ReserializeAlert.exv
[2008/08/28 15:40:42 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\SerializationWF.exv
[2008/08/06 09:45:18 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/06 09:45:18 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/06 09:45:18 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/06 09:45:18 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\ReserializeAlert.exv
[2008/08/06 09:45:18 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\SerializationWF.exv
[2008/09/19 03:10:54 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\BadSerialNumberAlert.exv
[2008/09/19 03:10:54 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\CantChangeSerialNumberAlert.exv
[2008/09/19 03:10:54 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008/09/19 03:10:54 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\ReserializeAlert.exv
[2008/09/19 03:10:54 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\SerializationWF.exv
[2008/08/14 06:56:46 | 000,059,514 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.versioncue.serialization_4.0.0.jar
[2008/07/31 15:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/05/21 17:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009/05/21 17:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2012/09/17 19:39:07 | 000,000,024 | ---- | M] () -- \Users\Lucka\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/05/11 17:02:36 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/05/11 17:32:03 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012/07/26 17:33:09 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8f0d3b706bb74e30bc81546f3b56a607\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/07/26 17:33:03 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d132fe6c8f229528089a5084824567a9\System.Runtime.Serialization.ni.dll
[2012/07/29 16:51:24 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\0182681020de71c8db9120c1e130bc41\System.Xml.Serialization.ni.dll
[2011/04/06 15:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Xml.Serialization.dll.x86
[2012/07/26 17:26:42 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/26 17:26:40 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/07/26 17:26:51 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/01 11:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010/11/20 05:06:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_hu-hu_1778ab4419ab99ad.manifest
[2010/11/20 05:00:14 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_nl-nl_28520112cd09eae9.manifest
[2010/11/20 05:09:30 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_sv-se_0bbde5ad62777806.manifest
[2010/11/20 05:54:04 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-cn_493a46a2345c6076.manifest
[1 \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\*.tmp files -> \Windows\SoftwareDistribution\Download\2554dfd7545be3631988376b6c65b1c6\*.tmp -> ]
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009/07/14 03:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009/07/14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009/07/13 17:29:14 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009/07/14 05:56:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2010/05/22 13:47:53 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009/07/14 03:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009/07/14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009/07/14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009/07/13 17:29:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 03:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Re: mrznutie notebooku

Napsal: 28 říj 2012 22:04
od lucik
OTL Extras logfile created on: 28. 10. 2012 21:13:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucka\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,97 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 62,03% Memory free
5,93 Gb Paging File | 4,77 Gb Available in Paging File | 80,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 14,60 Gb Free Space | 24,92% Space Free | Partition Type: NTFS
Drive D: | 239,50 Gb Total Space | 92,41 Gb Free Space | 38,59% Space Free | Partition Type: NTFS

Computer Name: LUCKA-PC | User Name: Lucka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C97F79-AA3B-4E2F-8E41-75E995B9AEA7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{06C22A91-6699-4F36-9588-49B60EF8982E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0B9AB991-4CC2-488F-923F-5BB1823351FA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{121BF474-8025-4523-8DC4-B5983EED3310}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12AF2403-33E3-4747-B510-B2247A3EFDE2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{376E6091-6B61-450F-9508-6AC6F0C3AF2B}" = lport=137 | protocol=17 | dir=in | app=system |
"{3E859621-19D1-4F26-A785-A4FAD388818F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{46E3D86A-11FD-4DCD-BA00-1021CB53D45D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FB22CA9-A1A7-4351-9735-68EAA52C1C4C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{53762114-0A25-436E-80DD-203537898112}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{545153A6-924C-4200-8ACB-5F01726357E5}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{5549F6D5-B27A-4673-9015-AA7D18290F11}" = rport=139 | protocol=6 | dir=out | app=system |
"{5638E656-EEBC-4ABC-9E6C-008461229367}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A535677-BFBD-4739-9F2D-A16669F67BA8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5CE0A7AB-784F-4C1C-90C4-2DCC59E3953E}" = lport=445 | protocol=6 | dir=in | app=system |
"{69C80D51-DAF8-4239-9AA7-3A5225D1592B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7823FC5E-0552-4BB8-8EC0-6F4AAB256771}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7D092798-C35A-4D1A-B119-EA4E4E201A42}" = lport=139 | protocol=6 | dir=in | app=system |
"{87ACA647-F24C-4C4E-97E5-E7B4244CE66B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8870C9EB-B0BD-4513-B616-35DF1639EBB6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95AC78B9-77C5-420E-8371-CCE79E9A7555}" = lport=138 | protocol=17 | dir=in | app=system |
"{A30ED4BA-C816-425A-BE0E-62038B6B179F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AB1205D7-2124-4C2F-9D10-572D0A87382D}" = rport=138 | protocol=17 | dir=out | app=system |
"{ADCF3DB6-B865-4099-B63E-8F88128B3BAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B07E2E84-6F70-468C-9AE5-474577528FB0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B5E8F851-41CF-45F4-ADDC-B1E735341462}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B72BBFB9-E717-4F45-ACD7-ECDF89A40C30}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB535D9A-877C-4390-A4CE-58376FA541FE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8B52E89-828B-4D55-BE00-5294D233499B}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{E0592E7E-A28F-479A-8659-1B8ED9C12934}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4244C9D-BFC1-43CB-AB69-63DC6A357BDB}" = rport=445 | protocol=6 | dir=out | app=system |
"{ED4F3BAD-3BBD-4608-B302-AAB04F2BBB8B}" = rport=137 | protocol=17 | dir=out | app=system |
"{EDDB10BE-EE2D-4062-9337-D730329D912B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{FF9BF92E-C75E-48F9-98CD-83A3EB49897E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009DD121-4249-434C-B730-3561190C4B8C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{031342C5-297F-42FA-A5F9-6B7C69CF4E06}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{060BE37F-52C8-4E99-82B9-DB802BF2689F}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe |
"{06696298-16E5-48C2-BE77-2336EB8C879C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A85DD5B-2D48-475F-98F0-72B9E4633F2A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0FF401CA-116C-4F98-BF3D-41D9A330FD70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{131FB7E9-9B12-4971-8DD9-2D372A927165}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{15B8E6CB-A6EA-42CD-A8A2-40105C8952D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{167E9811-BD82-42D0-B4AC-893F7EE9091D}" = dir=in | app=c:\users\lucka\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{18527B50-1FA1-4E3C-BDC3-083C404F5B56}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1A1AC74B-28E7-4D96-9009-A87AD859B376}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1F06AE3A-9DF2-42AD-B5E2-EC9CF750AF84}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{2133869B-A80E-448F-894A-FB1C55C8F4E5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2710C0E0-8EBC-4ECB-A5C8-F7793287D2C2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29DD90B4-DBBD-45C4-A9CC-3CDD51A9AC91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DDBE90A-A408-4A95-8DD2-30905B63E034}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{3035C817-41EE-41F6-8C5B-4DA4DAFEDC14}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{31EC1543-A478-488A-B5BE-9AFD8E11B172}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{33CF6A52-E1CD-4E7F-946D-5609C5939F2E}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{33CF952B-5103-4D8B-BD90-E1430334F10D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{361A7747-606A-4893-8F05-688D8151A864}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{39B0036B-DB22-4ADD-A5C6-1201E540ACC3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{4335A23B-C95B-4468-808F-1AB48F5DC20F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46014584-0E36-492F-BF99-83D23717D253}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{47FB684B-E0AD-4436-BCE1-2AA5A33C8FCF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4C7F5A11-1C82-47BA-9E42-4019E973FE6B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{503551EE-52DE-4580-B8D0-E95E6CAE0E49}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{53413E76-0B77-4C44-9B2F-1B32F61A1BF2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{54AD6C78-18A9-4A53-A17B-D662B71ED168}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{55AA63A7-F007-4167-A09C-AA14B41FD123}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55E89C5D-1690-4AF4-AD0A-B47587BBEC7A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5778C961-DB25-40BF-AAB4-47E0DA3491C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58A66466-32F0-454B-80EC-28B68EBF6EF7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5BD528E3-AC62-4BEF-8653-6F4D1734711B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5F4E818D-678C-45EB-983E-E7D1FA8C5701}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60D7E2F8-13F4-4662-8132-D6DFAEE5B779}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{6833A209-81F5-4C5F-AA22-8F5F77CB4923}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{690697B7-F3DA-4F65-AAA5-D018AB98E385}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe |
"{6C1F5517-C786-432C-BFFB-DEAAF64C1420}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{6C5A9ED1-906E-404A-AEFA-3A0BB9A195DA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6F7BB184-0E65-486F-ADB4-47931823DC22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{730F7EDE-0E83-487F-BDE5-E5D74B254AEF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73D686B4-008E-424B-9286-7B3AFE4B70EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{793196A5-9D29-4510-939B-48D446ED7CC1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{7B664FFE-BE57-449C-89C2-CE082BA4AB69}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CC01788-DB4E-4932-B6DF-EA45C754FA6B}" = protocol=6 | dir=out | app=system |
"{7D55E62C-6FD0-478E-90EA-43115B9A87F4}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{7D609668-A060-4646-8EA2-92FD46051D13}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{844BC9A4-924A-4E9E-9FE2-1CC541246D10}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{876BF465-8F8D-4E27-A262-B0FD626EA2E5}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{885DC344-F536-42D5-BF91-646EE79FC72D}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{891C673C-E252-48E3-8BB2-02B67AD9FE65}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{8A6EA339-53C5-4696-A664-F73AB39974C9}" = dir=in | app=e:\setup\hpznui01.exe |
"{8B665F22-57B9-466B-8308-405134CCBCAD}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{8BA258F3-3E45-46D1-871A-29D105FA0B63}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{942AC5E9-9142-4D03-AA60-2C6AC174EF5D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9931FA25-7412-4BAE-ABAB-7DA39AC7D678}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{A486DB34-EBDF-4A2D-AC6B-1D5107D82456}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A5C45516-092D-44B5-82F2-F30DA39E497E}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{A619AD88-45DD-4565-9113-28AD16284836}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{ADDCA0CB-8B33-4767-9D04-606B6A2D711C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AE675A75-96DC-4514-8586-D50C9DD11181}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5B94095-7EC0-4860-A9A2-E2A43C837450}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9432E58-4D0B-41DB-86B6-8667ADD87D8A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA739AE5-E216-4F6E-A6ED-5A621EAD2B9A}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{BD3D2FA4-2F8E-4143-B0FF-4B9A0765C20A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C015A4E3-B3B4-43B4-8B8C-C98D29A578EF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C212D0A2-EFA3-44CC-BB71-2CCB11B9F51B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{C4813FE9-BF23-4B8A-9F1E-32B0FBB8F8A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C955323A-7AF2-4D60-9138-0BEE1C7E7CBC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CE883F4B-6CF7-4040-8D8B-179C1AC789A0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{D7EBC14E-2E58-47A9-9438-9E8E4D30EFD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D81C9656-FE8E-4A30-A6BA-CEC6F17E4C37}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{E11014AF-F01F-423D-9105-C65EF2B85765}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{E37A171B-AA0B-4FC9-9321-86CFE68EED9C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E37EF2CE-E9A7-481E-9ABA-55A9272E98B2}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{E42E2630-6B5D-4714-A14E-98CD807BC9D9}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{E5BF9374-8751-4529-B4E9-2A6903FA83CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E8DAA4E5-864F-411A-BCD5-10473E029A15}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{EB9DF296-44A2-4D78-988F-DA6DC9106ED6}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F59B4556-B572-4133-B2B0-8657946DF794}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{F9CFDC66-687D-40BA-827C-5B8092A237FD}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{FB2A4E58-9F45-416F-96D8-3648BA8CD12C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{FC7C727F-226F-4EB9-B4B3-7E9C595B64FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE30F74E-9AC1-4F8A-8DAC-82B18C75286A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"TCP Query User{139FD4B3-D1B6-4CB8-8555-FDE536C3E121}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{18F40896-F65E-47A1-99A1-B8D50846E848}C:\program files\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files\garena plus\room\garena_room.exe |
"TCP Query User{7189DF2A-9335-446F-8730-BE818EFCF5DB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{941CEF00-B85F-46A0-8B98-5F16D8104CBE}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{E24FB861-6CC3-45A3-8951-41FAED7BA6AE}C:\program files\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"UDP Query User{069504A6-3187-4B62-BC27-4D2807877F92}C:\program files\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"UDP Query User{36276CB7-ACC0-4FCF-9042-70E6B6EDF24E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9252765B-3860-4FB3-99F6-5947C39D78F5}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{AD8E0126-631D-4984-B552-1BA38364F1FD}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{FD841ABB-B9D3-44D7-A6A9-8CB0B227F2DE}C:\program files\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files\garena plus\room\garena_room.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3716DCA4-7980-4B80-99A3-2A3F819CA726}" = ESET Smart Security
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4F2CE68F-EDBB-4592-BF07-5AC930A51051}" = Nero 7 Ultra Edition
"{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-8001-0405-0002-0060B0CE6BBA}" = AutoCAD 2010 - česky
"{5783F2D7-8001-0405-1002-0060B0CE6BBA}" = Jazykový balíček aplikace AutoCAD 2010 - čeština
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Zem
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6443D814-16FA-11D5-8577-00105ADDC431}" = Kubex Software ArCon 5.0 Demo Version
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = Need For Speed Underground
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
"{E3DB5A2C-E90A-4151-96EC-9B9244A29FEC}_is1" = The Lion King version 1.0
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

Re: mrznutie notebooku

Napsal: 28 říj 2012 22:05
od lucik
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ASUSUSBDEVIC" = ASUS USB2.0 UVC VGA WebCam
"AutoCAD 2010 - česky" = AutoCAD 2010 - česky
"Autodesk Design Review 2010" = Autodesk Design Review 2010
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-x86 7.0.5.7_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Guard.Mail.ru" = Guard.ICQ
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"im" = Garena Plus
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.9.0 (Basic)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MultiPASS" = Canon FAX-L290
"Opera 12.02.1578" = Opera 12.02
"Picasa 3" = Picasa 3
"RAR Password Cracker" = RAR Password Cracker 4.12
"Shop for HP Supplies" = Shop for HP Supplies
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"TVWiz" = Intel(R) TV Wizard
"USB 2.0 UVC 1.3M WebCam" = USB 2.0 UVC 1.3M WebCam
"USB 2.0 UVC 2.0M WebCam" = USB 2.0 UVC 2.0M WebCam
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.2
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2501825252-3449659084-2302357657-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19. 3. 2012 10:37:26 | Computer Name = Lucka-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: vlc.exe, verzia: 2.0.0.0, časová značka:
0x4f3e9873 Názov chybového modulu: vlc.exe, verzia: 2.0.0.0, časová značka: 0x4f3e9873
Kód
výnimky: 0xc0000005 Odstup chyby: 0x000016d5 Identifikácia chybného procesu: 0x53c
Čas
spustenia chybnej aplikácie: 0x01cd05d3c7fc353d Cesta chybnej aplikácie: C:\Program
Files\VideoLAN\VLC\vlc.exe Cesta chybného modulu: C:\Program Files\VideoLAN\VLC\vlc.exe
Identifikácia
hlásenia: 0b6852d3-71d1-11e1-8a63-e0cb4e091edc

Error - 24. 3. 2012 16:25:32 | Computer Name = Lucka-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 27. 3. 2012 14:56:27 | Computer Name = Lucka-PC | Source = VSS | ID = 8194
Description =

Error - 28. 3. 2012 7:39:20 | Computer Name = Lucka-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 29. 3. 2012 6:49:44 | Computer Name = Lucka-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 31. 3. 2012 4:08:27 | Computer Name = Lucka-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 1. 4. 2012 5:00:21 | Computer Name = Lucka-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 3. 4. 2012 3:09:20 | Computer Name = Lucka-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 7. 4. 2012 12:13:07 | Computer Name = Lucka-PC | Source = Application Hang | ID = 1002
Description = The program gimp-2.6.exe version 0.0.0.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 8f0 Start
Time: 01cd14d92741efc6 Termination Time: 5 Application Path: C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe

Report
Id: 866cc6fb-80cc-11e1-a48e-e0cb4e091edc

Error - 10. 4. 2012 5:06:48 | Computer Name = Lucka-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

[ Media Center Events ]
Error - 18. 7. 2010 14:46:44 | Computer Name = Lucka-PC | Source = MCUpdate | ID = 0
Description = 20:46:44 - Error connecting to the internet. 20:46:44 - Unable
to contact server..

Error - 18. 7. 2010 15:46:56 | Computer Name = Lucka-PC | Source = MCUpdate | ID = 0
Description = 21:46:55 - Error connecting to the internet. 21:46:56 - Unable
to contact server..

Error - 18. 7. 2010 22:50:36 | Computer Name = Lucka-PC | Source = MCUpdate | ID = 0
Description = 4:50:35 - Error connecting to the internet. 4:50:35 - Unable to
contact server..

Error - 8. 4. 2011 10:00:56 | Computer Name = Lucka-PC | Source = MCUpdate | ID = 0
Description = 16:00:55 - Error connecting to the internet. 16:00:55 - Unable
to contact server..

Error - 3. 6. 2011 4:05:34 | Computer Name = Lucka-PC | Source = MCUpdate | ID = 0
Description = 10:05:33 - Error connecting to the internet. 10:05:33 - Unable
to contact server..

Error - 19. 6. 2011 14:58:21 | Computer Name = Lucka-PC | Source = MCUpdate | ID = 0
Description = 20:58:21 - Error connecting to the internet. 20:58:21 - Unable
to contact server..

[ OSession Events ]
Error - 4. 1. 2012 13:37:10 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4906
seconds with 2940 seconds of active time. This session ended with a crash.

Error - 4. 1. 2012 13:40:07 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 72
seconds with 60 seconds of active time. This session ended with a crash.

Error - 5. 1. 2012 9:27:43 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7262
seconds with 2580 seconds of active time. This session ended with a crash.

Error - 5. 1. 2012 9:29:01 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 21
seconds with 0 seconds of active time. This session ended with a crash.

Error - 5. 1. 2012 11:14:05 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3910
seconds with 2160 seconds of active time. This session ended with a crash.

Error - 5. 1. 2012 12:02:47 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2876
seconds with 2340 seconds of active time. This session ended with a crash.

Error - 5. 1. 2012 12:06:03 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 168
seconds with 120 seconds of active time. This session ended with a crash.

Error - 5. 1. 2012 12:07:12 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.

Error - 5. 1. 2012 12:28:36 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 784
seconds with 480 seconds of active time. This session ended with a crash.

Error - 10. 1. 2012 7:46:00 | Computer Name = Lucka-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25. 10. 2012 11:53:11 | Computer Name = Lucka-PC | Source = Microsoft-Windows-Application-Experience | ID = 205
Description = The Program Compatibility Assistant service failed to perform the
phase two initialization.

Error - 26. 10. 2012 8:32:56 | Computer Name = Lucka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 14:27:38 on ?26. ?10. ?2012 was unexpected.

Error - 26. 10. 2012 15:38:49 | Computer Name = Lucka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 21:36:19 on ?26. ?10. ?2012 was unexpected.

Error - 27. 10. 2012 6:16:20 | Computer Name = Lucka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 22:39:41 on ?26. ?10. ?2012 was unexpected.

Error - 27. 10. 2012 7:53:54 | Computer Name = Lucka-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 28. 10. 2012 11:23:02 | Computer Name = Lucka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 16:21:28 on ?28. ?10. ?2012 was unexpected.

Error - 28. 10. 2012 11:36:18 | Computer Name = Lucka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 16:33:55 on ?28. ?10. ?2012 was unexpected.

Error - 28. 10. 2012 12:45:05 | Computer Name = Lucka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 17:43:11 on ?28. ?10. ?2012 was unexpected.

Error - 28. 10. 2012 14:03:30 | Computer Name = Lucka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:01:59 on ?28. ?10. ?2012 was unexpected.

Error - 28. 10. 2012 14:26:34 | Computer Name = Lucka-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >

Re: mrznutie notebooku

Napsal: 29 říj 2012 10:32
od Márty84
No jo, to je potom tezke :( Bohuzel, pravidla fora hovori celkem jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

Poradim vam jen beznou udrzbu :?:


:!: Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
:arrow: Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

:arrow: Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

:arrow: Stahnete CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

:arrow: Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz